Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-08-01 07:03:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,827 Commits 39 Branches 351 Tags
Commit Graph

17827 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
a411fb7b8d Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-31 10:21:26 -06:00
Michał Sobkiewicz
c963f4250e Update Angular documentation links in csrf.adoc 
Replaced `angular.io` links with their corresponding `angular.dev` URLs.
This change ensures that users referencing CSRF documentation are
directed to the most current Angular resources.

Signed-off-by: Michał Sobkiewicz <perceptron8@users.noreply.github.com>
 2025-07-31 10:21:06 -06:00
Josh Cummings
3c93a6728d Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-31 09:31:07 -06:00
dependabot[bot]
97597389cc Bump org.gretty:gretty from 4.1.6 to 4.1.7 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-31 09:29:13 -06:00
dependabot[bot]
6dba7b5051 Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-31 09:28:43 -06:00
dependabot[bot]
aa83b852b8 Bump org.gretty:gretty from 4.1.6 to 4.1.7 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-31 09:28:20 -06:00
dependabot[bot]
c82dffc03f Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-31 09:27:49 -06:00
Josh Cummings
63e4156b49 Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-30 12:14:03 -06:00
dependabot[bot]
de14fb8f77 Bump @springio/antora-extensions from 1.14.6 to 1.14.7 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.6 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:50:19 -06:00
dependabot[bot]
0ba2b3e0eb Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:47:23 -06:00
dependabot[bot]
4c0d1fcc60 Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:47:04 -06:00
dependabot[bot]
ccf66f338b Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:46:22 -06:00
dependabot[bot]
94cb87c696 Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:45:53 -06:00
dependabot[bot]
8b92f08c75 Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:45:26 -06:00
dependabot[bot]
7e112bf652 Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.23.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.23/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.23)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.23.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-30 11:39:24 -06:00
Rob Winch
f2769e6eff
Fix META-INF/LICENSE.txt 
Previously the update put everything into META-INF

Issue gh-17638
 2025-07-29 15:29:47 -05:00
Rob Winch
d5107dd752
Merge Add META-INF/LICENSE.txt to published jars 2025-07-29 10:55:43 -05:00
Rob Winch
ead8ec6e35
Add META-INF/LICENSE.txt to published jars 
Closes gh-17638
 2025-07-29 10:46:51 -05:00
Josh Cummings
452d311a9b Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-29 09:27:23 -06:00
Bernie Schelberg
edcb3b024e Update Shibboleth repository URL 
Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>
 2025-07-29 09:26:42 -06:00
Rob Winch
392129b616
Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch
26600dab01
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 2025-07-23 09:39:47 -05:00
Rob Winch
bb279c166e
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-23 09:39:44 -05:00
Rob Winch
95c5851fbb
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-23 09:39:42 -05:00
Rob Winch
d5bde7f3ec
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:39:39 -05:00
Rob Winch
f32e1eb265
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-23 09:39:34 -05:00
dependabot[bot]
79f107de76
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:22 +00:00
dependabot[bot]
0d1b73e291
Bump io.spring.gradle:spring-security-release-plugin 
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:13 +00:00
dependabot[bot]
dbd2ea2992
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:09 +00:00
dependabot[bot]
ec867129a8
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:07 +00:00
dependabot[bot]
0d434ee351
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:57 +00:00
github-actions[bot]
7da30c27e4 Next development version 2025-07-21 19:13:12 +00:00
github-actions[bot]
4fe9d915b6 Release 6.4.8 6.4.8 2025-07-21 18:34:22 +00:00
Rob Winch
e38c059e7c
Fix samples branch 2025-07-21 09:42:08 -05:00
Rob Winch
829af961f0
Use Meaningful Configurer Names in Test 
This just renames the Configurer names used in
AbstractConfiguredSecurityBuilderTests to be more meaningful.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
fca704e61f
Fix getConfigurersInInitializing Semantics 
A getter should not mutate state. This removes getConfigurersInInitializing
in favor of inline code since this is just used once.

Issue gh-17020 gh-17011

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-07-21 09:27:36 -05:00
Rob Winch
ea9dd2728e
Support add nested security configurers during builder initialization 
Closes gh-17011

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2025-07-21 09:27:27 -05:00
Rob Winch
258aa66f0d
Merge branch '6.3.x' into 6.4.x 2025-07-21 08:20:16 -05:00
Rob Winch
d5d31a0892
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-21 08:11:46 -05:00
Rob Winch
1b3f8435ce
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.22.Final 2025-07-21 08:11:44 -05:00
Rob Winch
22fbbb9365
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-21 08:11:41 -05:00
Rob Winch
f1622351e5
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 2025-07-21 08:11:39 -05:00
Rob Winch
e5c45c9dda
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-21 08:11:37 -05:00
Rob Winch
82fa658c9b
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-21 07:52:56 -05:00
dependabot[bot]
51a703a291
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:43:53 +00:00
dependabot[bot]
ae689cd220
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.7 to 2024.1.8.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.7...2024.1.8)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:41:51 +00:00
dependabot[bot]
2a3d1340d1
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:40:58 +00:00
dependabot[bot]
9f40a72f19
Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.22.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.20.Final to 6.6.22.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.22/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.20...6.6.22)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.22.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:36:16 +00:00
dependabot[bot]
470384597c
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:36:08 +00:00
dependabot[bot]
c27f7206d9
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 04:23:35 +00:00