spring-projects/spring-security (org.springframework.security:spring-security-test)
### [`v6.2.0`](https://togithub.com/spring-projects/spring-security/releases/tag/6.2.0)
[Compare Source](https://togithub.com/spring-projects/spring-security/compare/6.1.5...6.2.0)
#### :star: New Features
- AuthorizationManager\[Before/After]ReactiveMethodInterceptor doesn't support Kotlin coroutines [#12080](https://togithub.com/spring-projects/spring-security/issues/12080)
- Simplify configuration of OAuth2 Client component model [#11783](https://togithub.com/spring-projects/spring-security/issues/11783)
#### :beetle: Bug Fixes
- On Cancel, ObservationWebFilterDecorator Starts After-Filter Span without Stopping It [#14064](https://togithub.com/spring-projects/spring-security/issues/14064)
- Authentication not propagated correctly after migrating to SB3 [#14112](https://togithub.com/spring-projects/spring-security/issues/14112)
- Authorization does not show up on Features section [#14105](https://togithub.com/spring-projects/spring-security/issues/14105)
- Fix obsolete comment and typos [#14060](https://togithub.com/spring-projects/spring-security/pull/14060)
- Fix typo in documentation [#14130](https://togithub.com/spring-projects/spring-security/pull/14130)
- improve render in headers.adoc [#14102](https://togithub.com/spring-projects/spring-security/issues/14102)
- ReactiveRemoteJWKSource caches invalid response status into jwkSetURL [#14042](https://togithub.com/spring-projects/spring-security/issues/14042)
- References to WebFlux docs do not link to them [#14108](https://togithub.com/spring-projects/spring-security/issues/14108)
- relay_state should not be included in signing calculation when it is null [#14039](https://togithub.com/spring-projects/spring-security/issues/14039)
- samesite set by Tomcat CookieProcessor ignored when creating XSRF-TOKEN cookie in CsrfTokenRepository [#14138](https://togithub.com/spring-projects/spring-security/issues/14138)
- Security configuration is failed to be initialized in a Servlet 6.0 container [#14166](https://togithub.com/spring-projects/spring-security/issues/14166)
- Spring Security documentation confuses "idempotent" with "read-only" in CSRF section [#14115](https://togithub.com/spring-projects/spring-security/issues/14115)
- Spring Security metric names should not contain dashes [#14067](https://togithub.com/spring-projects/spring-security/issues/14067)
- spring.security counters inaccurate due onComplete and cancel() [#14147](https://togithub.com/spring-projects/spring-security/issues/14147)
- The latest "OAuth2AuthorizedClientManager" class is not AOT ready [#14094](https://togithub.com/spring-projects/spring-security/issues/14094)
- UnboundIdContainer should be marked as not running at shutdown [#14095](https://togithub.com/spring-projects/spring-security/issues/14095)
#### :hammer: Dependency Upgrades
- Bump io-spring-javaformat from 0.0.39 to 0.0.40 [#14156](https://togithub.com/spring-projects/spring-security/pull/14156)
- Bump io.micrometer:micrometer-observation from 1.12.0-RC1 to 1.12.0 [#14135](https://togithub.com/spring-projects/spring-security/pull/14135)
- Bump io.projectreactor:reactor-bom from 2023.0.0-RC1 to 2023.0.0 [#14145](https://togithub.com/spring-projects/spring-security/pull/14145)
- Bump org.junit:junit-bom from 5.10.0 to 5.10.1 [#14097](https://togithub.com/spring-projects/spring-security/pull/14097)
- Bump org.springframework.data:spring-data-bom from 2023.1.0-RC1 to 2023.1.0 [#14172](https://togithub.com/spring-projects/spring-security/pull/14172)
- Bump org.springframework.ldap:spring-ldap-core from 3.2.0-RC1 to 3.2.0 [#14155](https://togithub.com/spring-projects/spring-security/pull/14155)
- Bump org.springframework:spring-framework-bom from 6.1.0-RC1 to 6.1.0-RC2 [#14055](https://togithub.com/spring-projects/spring-security/pull/14055)
- Bump org.springframework:spring-framework-bom from 6.1.0-RC2 to 6.1.0 [#14157](https://togithub.com/spring-projects/spring-security/pull/14157)
#### :heart: Contributors
We'd like to thank all the contributors who worked on this release!
- [@nico-ortiz](https://togithub.com/nico-ortiz)
- [@dependabot\[bot\]](https://togithub.com/apps/dependabot)
- [@martin-lukas](https://togithub.com/martin-lukas)
Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
6.1.5
->6.2.0
Release Notes
spring-projects/spring-security (org.springframework.security:spring-security-test)
### [`v6.2.0`](https://togithub.com/spring-projects/spring-security/releases/tag/6.2.0) [Compare Source](https://togithub.com/spring-projects/spring-security/compare/6.1.5...6.2.0) #### :star: New Features - AuthorizationManager\[Before/After]ReactiveMethodInterceptor doesn't support Kotlin coroutines [#12080](https://togithub.com/spring-projects/spring-security/issues/12080) - Simplify configuration of OAuth2 Client component model [#11783](https://togithub.com/spring-projects/spring-security/issues/11783) #### :beetle: Bug Fixes - On Cancel, ObservationWebFilterDecorator Starts After-Filter Span without Stopping It [#14064](https://togithub.com/spring-projects/spring-security/issues/14064) - Authentication not propagated correctly after migrating to SB3 [#14112](https://togithub.com/spring-projects/spring-security/issues/14112) - Authorization does not show up on Features section [#14105](https://togithub.com/spring-projects/spring-security/issues/14105) - Fix obsolete comment and typos [#14060](https://togithub.com/spring-projects/spring-security/pull/14060) - Fix typo in documentation [#14130](https://togithub.com/spring-projects/spring-security/pull/14130) - improve render in headers.adoc [#14102](https://togithub.com/spring-projects/spring-security/issues/14102) - ReactiveRemoteJWKSource caches invalid response status into jwkSetURL [#14042](https://togithub.com/spring-projects/spring-security/issues/14042) - References to WebFlux docs do not link to them [#14108](https://togithub.com/spring-projects/spring-security/issues/14108) - relay_state should not be included in signing calculation when it is null [#14039](https://togithub.com/spring-projects/spring-security/issues/14039) - samesite set by Tomcat CookieProcessor ignored when creating XSRF-TOKEN cookie in CsrfTokenRepository [#14138](https://togithub.com/spring-projects/spring-security/issues/14138) - Security configuration is failed to be initialized in a Servlet 6.0 container [#14166](https://togithub.com/spring-projects/spring-security/issues/14166) - Spring Security documentation confuses "idempotent" with "read-only" in CSRF section [#14115](https://togithub.com/spring-projects/spring-security/issues/14115) - Spring Security metric names should not contain dashes [#14067](https://togithub.com/spring-projects/spring-security/issues/14067) - spring.security counters inaccurate due onComplete and cancel() [#14147](https://togithub.com/spring-projects/spring-security/issues/14147) - The latest "OAuth2AuthorizedClientManager" class is not AOT ready [#14094](https://togithub.com/spring-projects/spring-security/issues/14094) - UnboundIdContainer should be marked as not running at shutdown [#14095](https://togithub.com/spring-projects/spring-security/issues/14095) #### :hammer: Dependency Upgrades - Bump io-spring-javaformat from 0.0.39 to 0.0.40 [#14156](https://togithub.com/spring-projects/spring-security/pull/14156) - Bump io.micrometer:micrometer-observation from 1.12.0-RC1 to 1.12.0 [#14135](https://togithub.com/spring-projects/spring-security/pull/14135) - Bump io.projectreactor:reactor-bom from 2023.0.0-RC1 to 2023.0.0 [#14145](https://togithub.com/spring-projects/spring-security/pull/14145) - Bump org.junit:junit-bom from 5.10.0 to 5.10.1 [#14097](https://togithub.com/spring-projects/spring-security/pull/14097) - Bump org.springframework.data:spring-data-bom from 2023.1.0-RC1 to 2023.1.0 [#14172](https://togithub.com/spring-projects/spring-security/pull/14172) - Bump org.springframework.ldap:spring-ldap-core from 3.2.0-RC1 to 3.2.0 [#14155](https://togithub.com/spring-projects/spring-security/pull/14155) - Bump org.springframework:spring-framework-bom from 6.1.0-RC1 to 6.1.0-RC2 [#14055](https://togithub.com/spring-projects/spring-security/pull/14055) - Bump org.springframework:spring-framework-bom from 6.1.0-RC2 to 6.1.0 [#14157](https://togithub.com/spring-projects/spring-security/pull/14157) #### :heart: Contributors We'd like to thank all the contributors who worked on this release! - [@nico-ortiz](https://togithub.com/nico-ortiz) - [@dependabot\[bot\]](https://togithub.com/apps/dependabot) - [@martin-lukas](https://togithub.com/martin-lukas)Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.