Bump io.mockk:mockk from 1.14.7 to 1.14.9

2026-02-08 22:44:35 +00:00 · 2026-01-27 11:17:24 -06:00 · 2026-01-27 11:17:24 -06:00 · a8b5c8fe02
commit a8b5c8fe02
parent 054ff7421b c7d52242fb
25 changed files with 49 additions and 8 deletions
--- a/bom/spring-security-bom.gradle
+++ b/bom/spring-security-bom.gradle
@ -1,6 +1,7 @@
 import io.spring.gradle.convention.SpringModulePlugin

 apply plugin: 'io.spring.convention.bom'
+apply plugin: 'compile-warnings-error'

 dependencies {
 	constraints {
--- a/dependencies/spring-security-dependencies.gradle
+++ b/dependencies/spring-security-dependencies.gradle
@ -1,5 +1,6 @@
 plugins {
 	id 'java-platform'
+	id 'compile-warnings-error'
 }

 javaPlatform {
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@ -16,7 +16,7 @@ org-springframework = "7.0.3"
 com-password4j = "1.8.4"

 [libraries]
-ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.25"
+ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.5.26"
 com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.20.2"
 com-google-inject-guice = "com.google.inject:guice:3.0"
 com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0"
@ -29,7 +29,7 @@ com-jayway-jsonpath-json-path = "com.jayway.jsonpath:json-path:2.9.0"
 commons-collections = "commons-collections:commons-collections:3.2.2"
 io-micrometer-context-propagation = "io.micrometer:context-propagation:1.1.3"
 io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.14"
-io-mockk = "io.mockk:mockk:1.14.7"
+io-mockk = "io.mockk:mockk:1.14.9"
 io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2025.0.2"
 io-rsocket-rsocket-bom = { module = "io.rsocket:rsocket-bom", version.ref = "io-rsocket" }
 io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javaformat:spring-javaformat-checkstyle", version.ref = "io-spring-javaformat" }
@ -59,7 +59,7 @@ org-apereo-cas-client-cas-client-core = "org.apereo.cas.client:cas-client-core:4
 io-freefair-gradle-aspectj-plugin = "io.freefair.gradle:aspectj-plugin:8.13.1"
 org-aspectj-aspectjrt = { module = "org.aspectj:aspectjrt", version.ref = "org-aspectj" }
 org-aspectj-aspectjweaver = { module = "org.aspectj:aspectjweaver", version.ref = "org-aspectj" }
-org-assertj-assertj-core = "org.assertj:assertj-core:3.27.6"
+org-assertj-assertj-core = "org.assertj:assertj-core:3.27.7"
 org-bouncycastle-bcpkix-jdk15on = { module = "org.bouncycastle:bcpkix-jdk18on", version.ref = "org-bouncycastle" }
 org-bouncycastle-bcprov-jdk15on = { module = "org.bouncycastle:bcprov-jdk18on", version.ref = "org-bouncycastle" }
 org-eclipse-jetty-jetty-server = { module = "org.eclipse.jetty:jetty-server", version.ref = "org-eclipse-jetty" }
--- a/javascript/spring-security-javascript.gradle
+++ b/javascript/spring-security-javascript.gradle
@ -18,6 +18,7 @@
 plugins {
    id 'base'
    id 'com.github.node-gradle.node' version '7.1.0'
+    id 'compile-warnings-error'
 }

 node {
--- a/kerberos/kerberos-client/spring-security-kerberos-client.gradle
+++ b/kerberos/kerberos-client/spring-security-kerberos-client.gradle
@ -2,6 +2,7 @@ plugins {
 	id 'security-nullability'
 	id 'io.spring.convention.spring-module'
 	id 'javadoc-warnings-error'
+	id 'compile-warnings-error'
 }

 description = 'Spring Security Kerberos Client'
--- a/kerberos/kerberos-core/spring-security-kerberos-core.gradle
+++ b/kerberos/kerberos-core/spring-security-kerberos-core.gradle
@ -2,6 +2,7 @@ plugins {
 	id 'security-nullability'
 	id 'io.spring.convention.spring-module'
 	id 'javadoc-warnings-error'
+	id 'compile-warnings-error'
 }

 description = 'Spring Security Kerberos Core'
--- a/kerberos/kerberos-test/spring-security-kerberos-test.gradle
+++ b/kerberos/kerberos-test/spring-security-kerberos-test.gradle
@ -1,6 +1,7 @@
 plugins {
 	id 'io.spring.convention.spring-module'
 	id 'javadoc-warnings-error'
+	id 'compile-warnings-error'
 	id 'security-nullability'
 }

--- a/kerberos/kerberos-web/spring-security-kerberos-web.gradle
+++ b/kerberos/kerberos-web/spring-security-kerberos-web.gradle
@ -2,6 +2,7 @@ plugins {
 	id 'security-nullability'
 	id 'io.spring.convention.spring-module'
 	id 'javadoc-warnings-error'
+	id 'compile-warnings-error'
 }

 description = 'Spring Security Kerberos Web'
--- a/ldap/spring-security-ldap.gradle
+++ b/ldap/spring-security-ldap.gradle
@ -1,5 +1,6 @@
 apply plugin: 'io.spring.convention.spring-module'
 apply plugin: 'javadoc-warnings-error'
+apply plugin: 'compile-warnings-error'

 dependencies {
 	management platform(project(":spring-security-dependencies"))
--- a/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java
+++ b/ldap/src/integration-test/java/org/springframework/security/ldap/DefaultSpringSecurityContextSourceTests.java
@ -68,6 +68,7 @@ public class DefaultSpringSecurityContextSourceTests {
 	}

 	@Test
+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	public void poolingFlagIsSetWhenAuthenticationDnMatchesManagerUserDn() {
 		EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource(
 				"ldap://blah:789/dc=springframework,dc=org");
@ -79,6 +80,7 @@ public class DefaultSpringSecurityContextSourceTests {
 	}

 	@Test
+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	public void poolingFlagIsNotSetWhenAuthenticationDnIsNotManagerUserDn() {
 		EnvExposingDefaultSpringSecurityContextSource ctxSrc = new EnvExposingDefaultSpringSecurityContextSource(
 				"ldap://blah:789/dc=springframework,dc=org");
@ -170,13 +172,13 @@ public class DefaultSpringSecurityContextSourceTests {
 			.isThrownBy(() -> new DefaultSpringSecurityContextSource(serverUrls, "dc=springframework,dc=org"));
 	}

+	@SuppressWarnings({ "unchecked", "rawtypes" })
 	static class EnvExposingDefaultSpringSecurityContextSource extends DefaultSpringSecurityContextSource {

 		EnvExposingDefaultSpringSecurityContextSource(String providerUrl) {
 			super(providerUrl);
 		}

-		@SuppressWarnings("unchecked")
 		Hashtable getAuthenticatedEnvForTest(String userDn, String password) {
 			return getAuthenticatedEnv(userDn, password);
 		}
--- a/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java
+++ b/ldap/src/integration-test/java/org/springframework/security/ldap/SpringSecurityLdapTemplateITests.java
@ -89,6 +89,7 @@ public class SpringSecurityLdapTemplateITests {
 	// }

 	@Test
+	@SuppressWarnings("unchecked")
 	public void namingExceptionIsTranslatedCorrectly() {
 		assertThatExceptionOfType(UncategorizedLdapException.class)
 			.isThrownBy(() -> this.template.executeReadOnly((ContextExecutor) (dirContext) -> {
--- a/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java
+++ b/ldap/src/integration-test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorTests.java
@ -47,6 +47,7 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException
 */
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = UnboundIdContainerConfig.class)
+@SuppressWarnings("deprecation")
 public class PasswordComparisonAuthenticatorTests {

 	@Autowired
--- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java
+++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests.java
@ -57,6 +57,7 @@ public class DefaultLdapAuthoritiesPopulatorGetGrantedAuthoritiesTests {
 	}

 	@Test
+	@SuppressWarnings("deprecation")
 	public void groupSearchDoesNotAllowNullRoles() {
 		this.populator.setRolePrefix("ROLE_");
 		this.populator.setGroupRoleAttribute("ou");
--- a/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java
+++ b/ldap/src/integration-test/java/org/springframework/security/ldap/userdetails/NestedLdapAuthoritiesPopulatorTests.java
@ -116,6 +116,7 @@ public class NestedLdapAuthoritiesPopulatorTests {
 	}

 	@Test
+	@SuppressWarnings("unchecked")
 	public void testClosureDudeJDevelopersWithMembershipAsAttributeValues() {
 		this.populator.setAttributeNames(new HashSet(Arrays.asList("member")));

--- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticationProvider.java
@ -21,11 +21,11 @@ import java.util.LinkedHashSet;

 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.jspecify.annotations.NonNull;

 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.lang.NonNull;
 import org.springframework.ldap.core.DirContextOperations;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;
--- a/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/AbstractLdapAuthenticator.java
@ -21,11 +21,12 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;

+import org.jspecify.annotations.NonNull;
+
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.context.MessageSource;
 import org.springframework.context.MessageSourceAware;
 import org.springframework.context.support.MessageSourceAccessor;
-import org.springframework.lang.NonNull;
 import org.springframework.ldap.core.ContextSource;
 import org.springframework.security.core.SpringSecurityMessageSource;
 import org.springframework.security.ldap.search.LdapUserSearch;
--- a/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticator.java
@ -52,14 +52,27 @@ public final class PasswordComparisonAuthenticator extends AbstractLdapAuthentic

 	private static final Log logger = LogFactory.getLog(PasswordComparisonAuthenticator.class);

-	private PasswordEncoder passwordEncoder = new LdapShaPasswordEncoder(KeyGenerators.shared(0));
+	private PasswordEncoder passwordEncoder;

 	private String passwordAttributeName = "userPassword";

 	private boolean usePasswordAttrCompare = false;

+	/**
+	 * @deprecated Use
+	 * {@link #PasswordComparisonAuthenticator(BaseLdapPathContextSource, PasswordEncoder)}
+	 * instead
+	 */
+	@Deprecated(since = "7.1")
+	@SuppressWarnings("deprecation")
 	public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource) {
+		this(contextSource, new LdapShaPasswordEncoder(KeyGenerators.shared(0)));
+	}
+
+	public PasswordComparisonAuthenticator(BaseLdapPathContextSource contextSource, PasswordEncoder passwordEncoder) {
 		super(contextSource);
+		Assert.notNull(passwordEncoder, "passwordEncoder must not be null");
+		this.passwordEncoder = passwordEncoder;
 	}

 	@Override
--- a/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/server/UnboundIdContainer.java
@ -25,6 +25,7 @@ import com.unboundid.ldap.sdk.DN;
 import com.unboundid.ldap.sdk.Entry;
 import com.unboundid.ldap.sdk.LDAPException;
 import com.unboundid.ldif.LDIFReader;
+import org.jspecify.annotations.NonNull;

 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.DisposableBean;
@ -34,7 +35,6 @@ import org.springframework.context.ApplicationContextAware;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.Lifecycle;
 import org.springframework.core.io.Resource;
-import org.springframework.lang.NonNull;
 import org.springframework.util.StringUtils;

 /**
--- a/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
+++ b/ldap/src/main/java/org/springframework/security/ldap/userdetails/LdapUserDetailsManager.java
@ -369,6 +369,7 @@ public class LdapUserDetailsManager implements UserDetailsManager {
 		this.groupSearchFilter = "(" + groupMemberAttributeName + "={0})";
 	}

+	@SuppressWarnings("unchecked")
 	public void setRoleMapper(AttributesMapper roleMapper) {
 		this.roleMapper = roleMapper;
 	}
--- a/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java
+++ b/ldap/src/test/java/org/springframework/security/ldap/authentication/PasswordComparisonAuthenticatorMockTests.java
@ -35,9 +35,11 @@ import static org.mockito.Mockito.mock;
 /**
 * @author Luke Taylor
 */
+@SuppressWarnings("deprecation")
 public class PasswordComparisonAuthenticatorMockTests {

 	@Test
+	@SuppressWarnings("unchecked")
 	public void ldapCompareOperationIsUsedWhenPasswordIsNotRetrieved() throws Exception {
 		final DirContext dirCtx = mock(DirContext.class);
 		final BaseLdapPathContextSource source = mock(BaseLdapPathContextSource.class);
--- a/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java
+++ b/ldap/src/test/java/org/springframework/security/ldap/userdetails/UserDetailsServiceLdapAuthoritiesPopulatorTests.java
@ -38,6 +38,7 @@ import static org.mockito.Mockito.mock;
 public class UserDetailsServiceLdapAuthoritiesPopulatorTests {

 	@Test
+	@SuppressWarnings("unchecked")
 	public void delegationToUserDetailsServiceReturnsCorrectRoles() {
 		UserDetailsService uds = mock(UserDetailsService.class);
 		UserDetails user = mock(UserDetails.class);
--- a/messaging/spring-security-messaging.gradle
+++ b/messaging/spring-security-messaging.gradle
@ -1,6 +1,7 @@
 plugins {
 	id 'security-nullability'
 	id 'javadoc-warnings-error'
+	id 'compile-warnings-error'
 }

 apply plugin: 'io.spring.convention.spring-module'
--- a/rsocket/spring-security-rsocket.gradle
+++ b/rsocket/spring-security-rsocket.gradle
@ -1,4 +1,5 @@
 plugins {
+	id 'compile-warnings-error'
 	id 'security-nullability'
 }

@ -8,6 +9,7 @@ dependencies {
 	management platform(project(":spring-security-dependencies"))
 	api project(':spring-security-core')
 	api 'io.rsocket:rsocket-core'
+	compileOnly 'com.google.code.findbugs:jsr305:3.0.2'
 	optional project(':spring-security-oauth2-resource-server')
 	optional 'org.springframework:spring-messaging'
 	testImplementation 'io.projectreactor:reactor-test'
--- a/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle
+++ b/saml2/saml2-service-provider/spring-security-saml2-service-provider.gradle
@ -1,3 +1,7 @@
+plugins {
+	id 'compile-warnings-error'
+}
+
 apply plugin: 'io.spring.convention.spring-module'

 configurations {
@ -109,6 +113,7 @@ dependencies {

 	testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 	testRuntimeOnly 'org.hsqldb:hsqldb'
+	opensamlFiveMain "org.apiguardian:apiguardian-api:1.1.2"
 }

 jar {
--- a/taglibs/spring-security-taglibs.gradle
+++ b/taglibs/spring-security-taglibs.gradle
@ -1,5 +1,6 @@
 plugins {
 	id 'security-nullability'
+	id 'compile-warnings-error'
 }

 apply plugin: 'io.spring.convention.spring-module'