diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml index 58358c6e59..65201e4596 100644 --- a/.github/workflows/continuous-integration-workflow.yml +++ b/.github/workflows/continuous-integration-workflow.yml @@ -3,7 +3,7 @@ name: CI on: push: branches: - - master + - main schedule: - cron: '0 10 * * *' # Once per day at 10am UTC workflow_dispatch: # Manual trigger @@ -102,16 +102,16 @@ jobs: uses: actions/setup-java@v1 with: java-version: '11' - - name: Run Sonar on given (non-master) branch - if: ${{ github.ref != 'refs/heads/master' }} + - name: Run Sonar on given (non-main) branch + if: ${{ github.ref != 'refs/heads/main' }} run: | export BRANCH=${GITHUB_REF#refs/heads/} export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" export GRADLE_ENTERPRISE_ACCESS_KEY="$GRADLE_ENTERPRISE_SECRET_ACCESS_KEY" ./gradlew sonarqube -PartifactoryUsername="$ARTIFACTORY_USERNAME" -PartifactoryPassword="$ARTIFACTORY_PASSWORD" -PexcludeProjects='**/samples/**' -Dsonar.projectKey="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.projectName="spring-security-${GITHUB_REF#refs/heads/}" -Dsonar.host.url="$SONAR_URL" -Dsonar.login="$SONAR_TOKEN" --stacktrace - - name: Run Sonar on master - if: ${{ github.ref == 'refs/heads/master' }} + - name: Run Sonar on main + if: ${{ github.ref == 'refs/heads/main' }} run: | export GRADLE_ENTERPRISE_CACHE_USERNAME="$GRADLE_ENTERPRISE_CACHE_USER" export GRADLE_ENTERPRISE_CACHE_PASSWORD="$GRADLE_ENTERPRISE_CACHE_PASSWORD" diff --git a/CONTRIBUTING.adoc b/CONTRIBUTING.adoc index e951f69040..0599fb99ec 100644 --- a/CONTRIBUTING.adoc +++ b/CONTRIBUTING.adoc @@ -4,7 +4,7 @@ _Please refer back to this document as a checklist before issuing any pull reque = Code of Conduct -Please see our https://github.com/spring-projects/.github/blob/master/CODE_OF_CONDUCT.md[code of conduct]. +Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct]. = Similar but different @@ -43,9 +43,9 @@ If you're considering anything more than correcting a typo or fixing a minor bug If you have not previously done so, please fill out and submit the https://cla.pivotal.io/sign/spring[Contributor License Agreement]. -= Create your branch from master += Create your branch from main -Create your topic branch to be submitted as a pull request from master. The Spring team will consider your pull request for backporting on a case-by-case basis; you don't need to worry about submitting anything for backporting. +Create your topic branch to be submitted as a pull request from main. The Spring team will consider your pull request for backporting on a case-by-case basis; you don't need to worry about submitting anything for backporting. = Use short branch names diff --git a/README.adoc b/README.adoc index 4fda007d1a..6cb3f95061 100644 --- a/README.adoc +++ b/README.adoc @@ -1,6 +1,6 @@ image::https://badges.gitter.im/Join%20Chat.svg[Gitter,link=https://gitter.im/spring-projects/spring-security?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge] -image:https://github.com/spring-projects/spring-security/workflows/CI/badge.svg?branch=master["Build Status", link="https://github.com/spring-projects/spring-security/actions?query=workflow%3ACI"] +image:https://github.com/spring-projects/spring-security/workflows/CI/badge.svg?branch=main["Build Status", link="https://github.com/spring-projects/spring-security/actions?query=workflow%3ACI"] image:https://img.shields.io/badge/Revved%20up%20by-Gradle%20Enterprise-06A0CE?logo=Gradle&labelColor=02303A["Revved up by Gradle Enterprise", link="https://ge.spring.io/scans?search.rootProjectNames=spring-security"] @@ -12,7 +12,7 @@ a minimum and also requires Java 8. For a detailed list of features and access to the latest release, please visit https://spring.io/projects[Spring projects]. == Code of Conduct -Please see our https://github.com/spring-projects/.github/blob/master/CODE_OF_CONDUCT.md[code of conduct] +Please see our https://github.com/spring-projects/.github/blob/main/CODE_OF_CONDUCT.md[code of conduct] == Downloading Artifacts See https://docs.spring.io/spring-security/site/docs/current/reference/html5/#getting[Getting Spring Security] for how to obtain Spring Security. @@ -60,7 +60,7 @@ Check out the https://stackoverflow.com/questions/tagged/spring-security[Spring https://spring.io/services[Commercial support] is available too. == Contributing -https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/master/CONTRIBUTING.adoc[contributor guidelines] for details. +https://help.github.com/articles/creating-a-pull-request[Pull requests] are welcome; see the https://github.com/spring-projects/spring-security/blob/main/CONTRIBUTING.adoc[contributor guidelines] for details. == License Spring Security is Open Source software released under the diff --git a/buildSrc/src/main/java/org/springframework/gradle/sagan/SaganApi.java b/buildSrc/src/main/java/org/springframework/gradle/sagan/SaganApi.java index d40f296c20..24eeb3111c 100644 --- a/buildSrc/src/main/java/org/springframework/gradle/sagan/SaganApi.java +++ b/buildSrc/src/main/java/org/springframework/gradle/sagan/SaganApi.java @@ -23,7 +23,7 @@ import java.io.IOException; import java.util.Base64; /** - * Implements necessary calls to the Sagan API See https://github.com/spring-io/sagan/blob/master/sagan-site/src/docs/asciidoc/index.adoc + * Implements necessary calls to the Sagan API See https://spring.io/restdocs/index.html */ public class SaganApi { private String baseUrl = "https://spring.io/api"; diff --git a/docs/guides/spring-security-docs-guides.gradle b/docs/guides/spring-security-docs-guides.gradle index 6c337c030a..8876dddd93 100644 --- a/docs/guides/spring-security-docs-guides.gradle +++ b/docs/guides/spring-security-docs-guides.gradle @@ -28,7 +28,7 @@ ext.spec = copySpec { } def getDownloadUrl() { - snapshotBuild ? "https://github.com/spring-projects/spring-security/archive/master.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip" + snapshotBuild ? "https://github.com/spring-projects/spring-security/archive/main.zip" : "https://github.com/spring-projects/spring-security/archive/${project.version}.zip" } diff --git a/docs/guides/src/docs/asciidoc/Guardfile b/docs/guides/src/docs/asciidoc/Guardfile index ec57b640f2..1075c0114c 100644 --- a/docs/guides/src/docs/asciidoc/Guardfile +++ b/docs/guides/src/docs/asciidoc/Guardfile @@ -5,7 +5,7 @@ guard 'shell' do watch(/^.*\.asc$/) {|m| Asciidoctor.render_file(m[0], :to_dir => "build/", :safe => Asciidoctor::SafeMode::UNSAFE, :attributes=> {'toc' => '', 'idprefix' => '', 'idseparator' => '-', 'copycss' => '', 'icons' => 'font', 'source-highlighter' => 'prettify', 'sectanchors' => '', 'toc-placement' => 'preamble', 'revnumber' => '3.2.0.CI-SNAPSHOT', 'spring-security-version' => '3.2.0.CI-SNAPSHOT', - 'download-url' => 'https://github.com/spring-projects/spring-security/archive/master.zip', + 'download-url' => 'https://github.com/spring-projects/spring-security/archive/main.zip', 'include-maven-repository' => '_includes/maven-repository-snapshot.asc' }) } end diff --git a/docs/manual/spring-security-docs-manual.gradle b/docs/manual/spring-security-docs-manual.gradle index a0a2ececd9..75c245f7de 100644 --- a/docs/manual/spring-security-docs-manual.gradle +++ b/docs/manual/spring-security-docs-manual.gradle @@ -14,7 +14,7 @@ asciidoctor { } asciidoctorj { - def ghTag = snapshotBuild ? 'master' : project.version + def ghTag = snapshotBuild ? 'main' : project.version def ghUrl = "https://github.com/spring-projects/spring-security/tree/$ghTag" attributes 'spring-security-version' : project.version, 'spring-boot-version' : springBootVersion, diff --git a/docs/manual/src/docs/asciidoc/_includes/about/community.adoc b/docs/manual/src/docs/asciidoc/_includes/about/community.adoc index dc83c0c68c..893d17727b 100644 --- a/docs/manual/src/docs/asciidoc/_includes/about/community.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/about/community.adoc @@ -19,7 +19,7 @@ The following are some of the best ways to get help: == Becoming Involved We welcome your involvement in the Spring Security project. There are many ways to contribute, including answering questions on Stack Overflow, writing new code, improving existing code, assisting with documentation, developing samples or tutorials, reporting bugs, or simply making suggestions. -For more information, see our https://github.com/spring-projects/spring-security/blob/master/CONTRIBUTING.adoc[Contributing] documentation. +For more information, see our https://github.com/spring-projects/spring-security/blob/main/CONTRIBUTING.adoc[Contributing] documentation. [[community-source]] == Source Code diff --git a/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc b/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc index 4dc59526cc..694b905093 100644 --- a/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/reactive/x509.adoc @@ -49,4 +49,4 @@ public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) { In this example, a username is extracted from the OU field of a client certificate instead of CN, and account lookup using `ReactiveUserDetailsService` is not performed at all. Instead, if the provided certificate issued to an OU named "Trusted Org Unit", a request will be authenticated. -For an example of configuring Netty and `WebClient` or `curl` command-line tool to use mutual TLS and enable X.509 authentication, please refer to https://github.com/spring-projects/spring-security/tree/master/samples/boot/webflux-x509. +For an example of configuring Netty and `WebClient` or `curl` command-line tool to use mutual TLS and enable X.509 authentication, please refer to https://github.com/spring-projects/spring-security-samples/tree/main/servlet/java-configuration/authentication/x509. diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/appendix/namespace.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/appendix/namespace.adoc index a9e321ff59..87d802ca8e 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/appendix/namespace.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/appendix/namespace.adoc @@ -4,7 +4,7 @@ This appendix provides a reference to the elements available in the security nam If you haven't used the namespace before, please read the <> on namespace configuration, as this is intended as a supplement to the information there. Using a good quality XML editor while editing a configuration based on the schema is recommended as this will provide contextual information on which elements and attributes are available as well as comments explaining their purpose. The namespace is written in https://relaxng.org/[RELAX NG] Compact format and later converted into an XSD schema. -If you are familiar with this format, you may wish to examine the https://raw.githubusercontent.com/spring-projects/spring-security/master/config/src/main/resources/org/springframework/security/config/spring-security-4.1.rnc[schema file] directly. +If you are familiar with this format, you may wish to examine the https://raw.githubusercontent.com/spring-projects/spring-security/main/config/src/main/resources/org/springframework/security/config/spring-security-4.1.rnc[schema file] directly. [[nsa-web]] === Web Application Security diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/servlet-api.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/servlet-api.adoc index e57d545c15..5e4077c3f9 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/servlet-api.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/servlet-api.adoc @@ -1,7 +1,6 @@ [[servletapi]] == Servlet API integration This section describes how Spring Security is integrated with the Servlet API. -The https://github.com/spring-projects/spring-security/tree/master/samples/xml/servletapi[servletapi-xml] sample application demonstrates the usage of each of these methods. [[servletapi-25]] diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/websocket.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/websocket.adoc index fcd99840d9..ffcf46b5a4 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/websocket.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/websocket.adoc @@ -4,8 +4,6 @@ Spring Security 4 added support for securing https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html[Spring's WebSocket support]. This section describes how to use Spring Security's WebSocket support. -NOTE: You can find a complete working sample of WebSocket security at https://github.com/spring-projects/spring-session/tree/master/spring-session-samples/spring-session-sample-boot-websocket. - .Direct JSR-356 Support **** Spring Security does not provide direct JSR-356 support because doing so would provide little value. diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/java-configuration/index.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/java-configuration/index.adoc index 6367f402f6..3ba5432ddc 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/java-configuration/index.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/java-configuration/index.adoc @@ -7,7 +7,7 @@ Since Spring Security 3.2 there has been Spring Security Java Configuration supp If you are familiar with the <> then you should find quite a few similarities between it and the Security Java Configuration support. -NOTE: Spring Security provides https://github.com/spring-projects/spring-security/tree/master/samples/javaconfig[lots of sample applications] which demonstrate the use of Spring Security Java Configuration. +NOTE: Spring Security provides https://github.com/spring-projects/spring-security-samples/tree/main/servlet/java-configuration[lots of sample applications] which demonstrate the use of Spring Security Java Configuration. == Hello Web Security Java Configuration diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/kotlin-configuration/index.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/kotlin-configuration/index.adoc index 2e38e0ec35..767ab7ed80 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/kotlin-configuration/index.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/kotlin-configuration/index.adoc @@ -4,7 +4,7 @@ Spring Security Kotlin Configuration support has been available since Spring Security 5.3. It enables users to easily configure Spring Security using a native Kotlin DSL. -NOTE: Spring Security provides https://github.com/spring-projects/spring-security/tree/master/samples/boot/kotlin[a sample application] which demonstrates the use of Spring Security Kotlin Configuration. +NOTE: Spring Security provides https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/kotlin/hello-security[a sample application] which demonstrates the use of Spring Security Kotlin Configuration. [[kotlin-config-httpsecurity]] == HttpSecurity