From bc16a6f72392cc1ff527981cea047d2b86c4398e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Apr 2026 03:09:57 +0000 Subject: [PATCH 1/3] Bump io.projectreactor:reactor-bom from 2025.0.4 to 2025.0.5 Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.4 to 2025.0.5. - [Release notes](https://github.com/reactor/reactor/releases) - [Commits](https://github.com/reactor/reactor/compare/2025.0.4...2025.0.5) --- updated-dependencies: - dependency-name: io.projectreactor:reactor-bom dependency-version: 2025.0.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index a24da0652e..b91c393c00 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -30,7 +30,7 @@ commons-collections = "commons-collections:commons-collections:3.2.2" io-micrometer-context-propagation = "io.micrometer:context-propagation:1.1.4" io-micrometer-micrometer-observation = "io.micrometer:micrometer-observation:1.14.14" io-mockk = "io.mockk:mockk:1.14.9" -io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2025.0.4" +io-projectreactor-reactor-bom = "io.projectreactor:reactor-bom:2025.0.5" io-rsocket-rsocket-bom = { module = "io.rsocket:rsocket-bom", version.ref = "io-rsocket" } io-spring-javaformat-spring-javaformat-checkstyle = { module = "io.spring.javaformat:spring-javaformat-checkstyle", version.ref = "io-spring-javaformat" } io-spring-javaformat-spring-javaformat-gradle-plugin = { module = "io.spring.javaformat:spring-javaformat-gradle-plugin", version.ref = "io-spring-javaformat" } From d3e349c29051966f956b01ebf465a62884f21d69 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Apr 2026 16:06:29 +0000 Subject: [PATCH 2/3] Bump com.webauthn4j:webauthn4j-core Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j) from 0.31.1.RELEASE to 0.31.2.RELEASE. - [Release notes](https://github.com/webauthn4j/webauthn4j/releases) - [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.31.1.RELEASE...0.31.2.RELEASE) --- updated-dependencies: - dependency-name: com.webauthn4j:webauthn4j-core dependency-version: 0.31.2.RELEASE dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b91c393c00..09df9df029 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -102,7 +102,7 @@ org-sonarsource-scanner-gradle-sonarqube-gradle-plugin = "org.sonarsource.scanne org-instancio-instancio-junit = "org.instancio:instancio-junit:3.7.1" spring-nullability = 'io.spring.nullability:io.spring.nullability.gradle.plugin:0.0.6' -webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.31.1.RELEASE' +webauthn4j-core = 'com.webauthn4j:webauthn4j-core:0.31.2.RELEASE' com-password4j-password4j = { module = "com.password4j:password4j", version.ref = "com-password4j" } [plugins] From 63cd037188299f2e9f5b1fc673b4168717138cfd Mon Sep 17 00:00:00 2001 From: Josh Cummings <3627351+jzheaux@users.noreply.github.com> Date: Fri, 17 Apr 2026 11:15:42 -0600 Subject: [PATCH 3/3] Fix Unit Test Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com> --- .../management/Webauthn4jRelyingPartyOperationsTests.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java b/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java index 163e2d15f6..3872d9feed 100644 --- a/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java +++ b/webauthn/src/test/java/org/springframework/security/web/webauthn/management/Webauthn4jRelyingPartyOperationsTests.java @@ -488,7 +488,7 @@ class Webauthn4jRelyingPartyOperationsTests { * https://www.w3.org/TR/webauthn-3/#sctn-registering-a-new-credential * * 19. Verify that the "alg" parameter in the credential public key in authData - * matches the alg attribute of one of the items in options.pubKeyCredParams. + * matches the alg attribute of one of the items in pkOptions.pubKeyCredParams. */ @Test void registerCredentialWhenAlgDoesNotMatchOptions() { @@ -503,7 +503,7 @@ class Webauthn4jRelyingPartyOperationsTests { options, new RelyingPartyPublicKey(publicKey, this.label)); assertThatRuntimeException().isThrownBy(() -> this.rpOperations.registerCredential(registrationRequest)) - .withMessageContaining("options.pubKeyCredParams"); + .withMessageContaining("pkOptions.pubKeyCredParams"); } /**