Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-17 11:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,990 Commits 46 Branches 369 Tags
Commit Graph

19990 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Winch
bd3441caac
Merge branch '6.5.x' into 7.0.x 2026-01-16 15:18:39 -06:00
Robert Winch
8879aa83a3
Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 2026-01-16 15:17:34 -06:00
Josh Cummings
1f39a3dd3e Merge branch '6.5.x' into 7.0.x 2026-01-15 12:41:22 -07:00
Josh Cummings
84b124d29d Merge branch '6.4.x' into 6.5.x 2026-01-15 12:41:16 -07:00
songhee
fee6a9bb0e docs: add CurrentSecurityContext section and link references 
Signed-off-by: songhee <songhee9327@gmail.com>
 2026-01-15 12:31:58 -07:00
Josh Cummings
d2ed8321b4 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:46:36 -07:00
Guillaume Husta
dd1f097131 Add @FunctionalInterface to RequestMatcher 
Add `@FunctionalInterface` to `RequestMatcher`.

According to the documentation, it is a FunctionalInterface.

See: https://docs.spring.io/spring-security/reference/6.5/servlet/authorization/authorize-http-requests.html#match-by-custom

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:45:22 -07:00
Josh Cummings
7690c284c0 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:35:59 -07:00
Guillaume Husta
508b3f26e3 docs: Typo in page Preparing for 7.0 / Web (version 6.5) 
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:35:26 -07:00
dependabot[bot]
f2e674ff77
Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2024.0.13 to 2024.0.14.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2024.0.13...2024.0.14)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2024.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-14 03:08:22 +00:00
Robert Winch
7fcbf642b8
Use project.artifactory(Username|Password) 2026-01-12 16:05:38 -06:00
Robert Winch
a32d9f04e3
Revert "Use project.artifactory(Username|Password)" 
This reverts commit 9c449000dc0508457d0e4392a46e8ca731ada0fa.
 2026-01-12 16:04:56 -06:00
Robert Winch
9c449000dc
Use project.artifactory(Username|Password) 2026-01-12 15:48:47 -06:00
Robert Winch
63c99b9438
Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3009940229239b4b442fe902acf4fba.
 2026-01-12 14:31:57 -06:00
Pavel Vassiliev
641d8a362b Fix Gradle 9.0 deprecations 
This commit addresses several build warnings and errors to prepare for
Gradle 9.0 and resolve static analysis issues.
Closes: gh-18472
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
 2026-01-12 13:43:16 -06:00
Andrey Litvitski
13f6286e04 Use DefaultParameterNameDiscoverer#getSharedInstance 
Closes: gh-18330

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-01-12 13:37:32 -06:00
Robert Winch
b77ea8d3a3 Update to 7.1.0-SNAPSHOT 2026-01-12 13:37:32 -06:00
Fr05ty-hub
e9a92a8e9a Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but is referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Fr05ty-hub
ed774d3595 Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but was referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Robert Winch
eb5cc89c69
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:24:51 -06:00
Robert Winch
d6f8a2e928
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:23:06 -06:00
Robert Winch
6a47b5d573
Merge branch '6.4.x' into 6.5.x 2026-01-09 15:22:39 -06:00
github-actions[bot]
e588a3528f Update Antora Spring UI to v0.4.25 2026-01-09 15:22:22 -06:00
github-actions[bot]
7ea5be4b98 Update Antora Spring UI to v0.4.25 2026-01-09 15:21:48 -06:00
Robert Winch
2344fe5ebb Use proper xref syntax 
Incldue the required resource id and required # of the fragment.

See

- https://docs.antora.org/antora/latest/page/xref/#xref-macro
- https://docs.antora.org/antora/latest/page/resource-id-coordinates/#id-resource
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
ba18f681e5 Use xref anchor id 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Martin Boulais
1d8ea63a9e Fix typo in HTTP Basic Auth Provider documentation 
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.

Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
 2026-01-08 13:59:34 -06:00
Tran Ngoc Nhan
d20c88ecef Format code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Tran Ngoc Nhan
79815e044e Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Rob Winch
04bba36ee5
Update supported branches in workflow file 
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2026-01-08 13:05:45 -06:00
Robert Winch
5bb99b654f
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.5.2 2026-01-08 13:02:42 -06:00
Robert Winch
37c15f3b81
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:02:37 -06:00
Robert Winch
0b4dcc4328
Bump org.junit:junit-bom from 6.0.1 to 6.0.2 2026-01-08 13:02:32 -06:00
Robert Winch
c09549970f
Merge branch '6.5.x' 2026-01-08 13:01:08 -06:00
Robert Winch
e7ba153d5d
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 13:00:49 -06:00
Robert Winch
05518f3402
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 13:00:44 -06:00
Robert Winch
ffa2c195d8
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:00:40 -06:00
Robert Winch
8901fe3d04
Merge branch '6.5.x' 2026-01-08 12:59:07 -06:00
Robert Winch
e1256d1d2f
Merge branch '6.4.x' into 6.5.x 2026-01-08 12:58:55 -06:00
Robert Winch
334df75c39
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 12:58:34 -06:00
Robert Winch
11b601159d
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 12:58:25 -06:00
dependabot[bot]
c77f42e80f
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:27:07 +00:00
dependabot[bot]
8521b7d5a6
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:21:38 +00:00
dependabot[bot]
7af927ead4
Bump org.junit:junit-bom from 6.0.1 to 6.0.2 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.1...r6.0.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:14:49 +00:00
dependabot[bot]
1529a2f5e3
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:14:00 +00:00
Been24
beb3c78333 Replace method call with 'Builder.configureMessageConverters()' 
Deprecated
since 7.0 in favor of configureMessageConverters(Consumer)

Closes gh-18378

Signed-off-by: Been24 <894661859qq@gmail.com>
 2026-01-05 15:48:59 -05:00
dependabot[bot]
f17a07e4c1
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 
Bumps org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:12:20 +00:00
dependabot[bot]
687eb4faf6
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.39.Final to 6.6.40.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.40/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.39...6.6.40)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.40.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:12:09 +00:00
dependabot[bot]
00fbe052f4
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 
Bumps org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:10:38 +00:00