Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-08 14:34:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,255 Commits 50 Branches 370 Tags
Commit Graph

20255 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
6b028cfe8e Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.27 to 1.5.28.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.27...v_1.5.28)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 16:39:24 -06:00
dependabot[bot]
d912393280 Bump com.fasterxml.jackson:jackson-bom from 2.20.2 to 2.21.0 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.2 to 2.21.0.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.2...jackson-bom-2.21.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 16:25:51 -06:00
dependabot[bot]
ba8360671c Bump org.hibernate.orm:hibernate-core from 7.0.10.Final to 7.2.3.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.0.10.Final to 7.2.3.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.2.3/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.0.10...7.2.3)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.2.3.Final
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 16:25:36 -06:00
Robert Winch
bf7d86722f
Merge Remove unnecessary Gradle wrapper from buildSrc 2026-02-06 13:23:39 -06:00
Robert Winch
e37f83884b
Merge Remove unnecessary Gradle wrapper from buildSrc 
Closes gh-18694
 2026-02-06 13:13:10 -06:00
Robert Winch
ce963c744c
Merge Remove unnecessary Gradle wrapper from buildSrc 
Closes gh-18693
 2026-02-06 13:08:41 -06:00
Robert Winch
1efacf1ad8
Remove unnecessary Gradle wrapper from buildSrc 
buildSrc does not need its own Gradle wrapper and should use
the parent project's wrapper. Having a separate wrapper causes
Dependabot to detect and attempt to update it independently,
creating confusion and unnecessary PRs.

Closes gh-18692
 2026-02-06 13:06:17 -06:00
dependabot[bot]
3071459fe4 Bump io.micrometer:micrometer-observation from 1.14.14 to 1.16.2 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.14 to 1.16.2.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.14...v1.16.2)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.16.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 13:03:14 -06:00
dependabot[bot]
03c081bb46 Bump com.jayway.jsonpath:json-path from 2.9.0 to 2.10.0 
Bumps [com.jayway.jsonpath:json-path](https://github.com/jayway/JsonPath) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/jayway/JsonPath/releases)
- [Changelog](https://github.com/json-path/JsonPath/blob/master/changelog.md)
- [Commits](https://github.com/jayway/JsonPath/compare/json-path-2.9.0...json-path-2.10.0)

---
updated-dependencies:
- dependency-name: com.jayway.jsonpath:json-path
  dependency-version: 2.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 13:02:51 -06:00
dependabot[bot]
540fbdb189 Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 
Bumps [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/jakartaee/jaxb-api/releases)
- [Commits](https://github.com/jakartaee/jaxb-api/compare/4.0.4...4.0.5)

---
updated-dependencies:
- dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 13:02:15 -06:00
dependabot[bot]
cea004b555 Bump io.micrometer:context-propagation from 1.1.3 to 1.2.0 
Bumps [io.micrometer:context-propagation](https://github.com/micrometer-metrics/context-propagation) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/micrometer-metrics/context-propagation/releases)
- [Commits](https://github.com/micrometer-metrics/context-propagation/compare/v1.1.3...v1.2.0)

---
updated-dependencies:
- dependency-name: io.micrometer:context-propagation
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:22:44 -06:00
dependabot[bot]
4c011887bd Bump org.htmlunit:htmlunit from 4.11.1 to 4.21.0 
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 4.11.1 to 4.21.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/4.11.1...4.21.0)

---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
  dependency-version: 4.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:21:08 -06:00
dependabot[bot]
938d1f38b9 Bump org-jetbrains-kotlin from 2.3.0 to 2.3.10 
Bumps `org-jetbrains-kotlin` from 2.3.0 to 2.3.10.

Updates `org.jetbrains.kotlin:kotlin-bom` from 2.3.0 to 2.3.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.0...v2.3.10)

Updates `org.jetbrains.kotlin:kotlin-gradle-plugin` from 2.3.0 to 2.3.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](https://github.com/JetBrains/kotlin/compare/v2.3.0...v2.3.10)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-bom
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.jetbrains.kotlin:kotlin-gradle-plugin
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:20:45 -06:00
Robert Winch
54f294fe6e
Merge branch '7.0.x' 2026-02-06 12:16:15 -06:00
Robert Winch
71a10cef0b
Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 2026-02-06 12:14:22 -06:00
Robert Winch
784e6efcf5
Bump io.mockk:mockk from 1.14.7 to 1.14.9 2026-02-06 12:14:19 -06:00
Robert Winch
1caefd748b
Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 2026-02-06 12:14:15 -06:00
Robert Winch
b427587d27
Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 2026-02-06 12:14:12 -06:00
Robert Winch
832635c9e8
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.28 2026-02-06 12:14:09 -06:00
Robert Winch
e45258a8bc
Merge branch '6.5.x' into 7.0.x 2026-02-06 12:13:35 -06:00
dependabot[bot]
fa7c6ea583
Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](e28269199d...415e2b11a7)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:57 -06:00
dependabot[bot]
3841e0f6b3
Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 
Bumps [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/jakartaee/jaxb-api/releases)
- [Commits](https://github.com/jakartaee/jaxb-api/compare/4.0.4...4.0.5)

---
updated-dependencies:
- dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:56 -06:00
Robert Winch
50fad46df6
Bump @antora/atlas-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/atlas-extension"
  dependency-version: 1.0.0-alpha.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:48 -06:00
dependabot[bot]
e28eea208b
Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.4 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:58 -06:00
dependabot[bot]
f646392542
Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-version: 1.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:57 -06:00
dependabot[bot]
ffeda7a1b3
Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.27 to 1.5.28.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.27...v_1.5.28)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:57 -06:00
dependabot[bot]
c85e7a0828
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.28 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.24 to 1.5.28.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.24...v_1.5.28)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:54:04 +00:00
dependabot[bot]
14cf90a7b9
Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.24 to 0.0.25.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.24...v0.0.25)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:53:25 +00:00
dependabot[bot]
729e58b9de
Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.6 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.6...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:53:06 +00:00
dependabot[bot]
5c678bd78a
Bump io.mockk:mockk from 1.14.7 to 1.14.9 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.7 to 1.14.9.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.7...1.14.9)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:52:45 +00:00
dependabot[bot]
52ca16fa4b
Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs 
Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.8 to 3.2.0-alpha.11.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.8...v3.2.0-alpha.11)

---
updated-dependencies:
- dependency-name: antora
  dependency-version: 3.2.0-alpha.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:52:25 +00:00
Robert Winch
fa10e74d76
Consistent Dependabot Configuration Across Supported Branches 
- Ensure 'type: dependency-upgrade'
- Ensure that every ecosystem is ran on all supported branches
- Consistent ordering per branch (allows adding/removing branches easier)
 2026-02-06 11:50:46 -06:00
Robert Winch
0a8cdc32d5
Merge branch '7.0.x' 2026-02-06 10:05:47 -06:00
Robert Winch
31993e72ea Update to Spring Framework 7.0.3 2026-02-06 09:24:43 -06:00
Robert Winch
5a51d63419
Update to Spring Framework 7.0.3 2026-02-06 09:06:34 -06:00
Robert Winch
ee7c579644
Merge branch '7.0.x' 2026-02-06 09:03:00 -06:00
Robert Winch
0bd3aa9a02
Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 2026-02-06 09:02:42 -06:00
Robert Winch
dc7edcaf95
Bump org.springframework:spring-framework-bom from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT 2026-02-06 09:02:35 -06:00
Robert Winch
310abcf23b
Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 2026-02-06 09:02:29 -06:00
Robert Winch
5807da104b
Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 2026-02-06 09:02:23 -06:00
Robert Winch
24e5f2f910
Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 2026-02-06 09:02:15 -06:00
Robert Winch
b92f4e7ed2
Merge branch '7.0.x' 2026-02-06 09:01:24 -06:00
dependabot[bot]
4f8fcea4de
Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
659aedbe96
Bump org.springframework:spring-framework-bom 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/commits)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.4-SNAPSHOT
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
d589707385
Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
4734af6856
Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.3...jackson-bom-3.0.4)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
ac09b73725
Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.1 to 2.20.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.20.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
Robert Winch
9dff826c9f
Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.40.0 2026-02-06 08:59:12 -06:00
Robert Winch
ee2702254e
Bump org.mockito:mockito-bom from 5.17.0 to 5.21.0 2026-02-06 08:57:05 -06:00
Robert Winch
f0ad037099
Bump org.seleniumhq.selenium:htmlunit3-driver from 4.30.0 to 4.40.0 2026-02-06 08:56:59 -06:00