Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-08 22:44:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,192 Commits 50 Branches 370 Tags
Commit Graph

20192 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
arianna
10490a7b92 Fix typos in OAuth 2.0 Resource Server 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
f1e742dfc5 Fix typos in Authorization Documentation 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
8e9480545e Fix issue reports 
Closes gh-18376

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
dependabot[bot]
0eb5d8f356 Bump io.spring.nullability:io.spring.nullability.gradle.plugin 
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.10 to 0.0.11.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.10...v0.0.11)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:27:40 -07:00
dependabot[bot]
3e238af024 Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.26 to 1.5.27.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:26:49 -07:00
dependabot[bot]
29ed4dd724 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](e28269199d...415e2b11a7)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:25:46 -07:00
dependabot[bot]
218b13884f Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.2 to 5.6 
Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.5.2 to 5.6.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5.2...rel/v5.6)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:24:39 -07:00
Josh Cummings
fc2fd63793
Merge branch '7.0.x' 2026-02-05 17:23:08 -07:00
Vincent Stradiot
075c48c0d8 Fix typo in documentation 
Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>
 2026-02-05 17:22:43 -07:00
DingHao
199473fcb3 Ability to configure authenticationDetailsSource in AnonymousConfigurer 
Closes gh-17831

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2026-02-05 17:19:03 -07:00
Bae Jihong
7903ad93c0 Fix compiler warnings in spring-security-acl 
- Use asSubclass() in AclClassIdUtils to avoid a unchecked cast warning
- Replace raw Map type with Map<?, ?> unbounded wildcard to avoid raw type warnings
- Use ArgumentMatchers to avoid a unchecked cast warning
- Suppress an unavoidable unchecked warning in reflection-based test code

Closes gh-18413

Signed-off-by: Bae Jihong <dasog@naver.com>
 2026-02-05 18:01:30 -06:00
dependabot[bot]
fe65ef2626 Bump org-opensaml5 from 5.1.6 to 5.2.0 
Bumps `org-opensaml5` from 5.1.6 to 5.2.0.

Updates `org.opensaml:opensaml-saml-api` from 5.1.6 to 5.2.0

Updates `org.opensaml:opensaml-saml-impl` from 5.1.6 to 5.2.0

---
updated-dependencies:
- dependency-name: org.opensaml:opensaml-saml-api
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.opensaml:opensaml-saml-impl
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:00:40 -07:00
Josh Cummings
2af6e1cf92
Merge branch '7.0.x' 2026-02-05 16:58:23 -07:00
Josh Cummings
31090f7a18
Merge branch '6.5.x' into 7.0.x 2026-02-05 16:58:16 -07:00
Josh Cummings
447e76bd06
Update to actions/checkout 6.0.2 2026-02-05 16:57:30 -07:00
Josh Cummings
eeb080a191
Remove Branch Ecosystem Declarations 
These may have been added in error. Removing until it's clear
if they are needed

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 16:45:16 -07:00
Josh Cummings
b8c6b9fbff
Add directory attribute 
Issue gh-18648
 2026-02-05 16:37:27 -07:00
Josh Cummings
3cf0a1ccb7
Use Dependabot for GitHub Actions 
Closes gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:42 -07:00
Josh Cummings
c2f0f7b6ab
Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:16 -07:00
Josh Cummings
8cd2f36e84
Merge branch '7.0.x' 2026-02-05 14:45:09 -07:00
Josh Cummings
41e7af70b5
Merge branch '6.5.x' into 7.0.x 2026-02-05 13:46:21 -07:00
Josh Cummings
46a9514420
Update to setup-gradle 5.0.1 
note that gradle/gradle-build-action is superceded by
setup-gradle.

Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:02 -07:00
Josh Cummings
8432df498e
Update upload-artifact to 6.0.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:00 -07:00
Josh Cummings
63162eb5f1
Update to setup-java 5.2.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:56 -07:00
Josh Cummings
5c3b8c513b
Update spring-gradle-build-action to 2.0.5 
Issue gh-18648
 2026-02-05 13:43:11 -07:00
Josh Cummings
d276c943fc
Update actions/checkout to 6.0.2 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:06 -07:00
Josh Cummings
18d9dd77ec
Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:42:22 -07:00
Joe Grandja
517bc7cb65 Polish gh-18614 2026-02-05 15:32:47 -05:00
Elayne Bloom
a2d407518c Document ClientSettings 
Added documentation to describe the possible client configuration options when setting up an Oauth2 Authorization Server.

Closes gh-18614

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-05 15:32:46 -05:00
Josh Cummings
001d9df5ca
Remove Nullability Checkstyle Suppressions for saml2 
Issue gh-17823
 2026-02-05 13:13:25 -07:00
Josh Cummings
818a7831dd
Add Nullability to opensaml5Main Source Set 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:13:23 -07:00
Joe Grandja
0eba9de7d4 Merge branch '7.0.x' 2026-02-05 04:55:34 -05:00
Joe Grandja
d3c42a7a4f Polish OAuth2ConfigurerUtils 2026-02-05 04:52:02 -05:00
Joe Grandja
e61c03f7c3 Fix to allow multiple PasswordEncoder beans 
Closes gh-18645
 2026-02-05 04:51:51 -05:00
Josh Cummings
70fc8fef3a Add Sample SAML Response in Test 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-03 08:54:14 -07:00
gimgisu
46027974dd @gisu1102 
Apply code formatting to OAuth2AuthorizationServerBeanRegistrationAotProcessor

Closes spring-projectsgh-18432

Signed-off-by: gimgisu <gisu1102@gmail.com>
 2026-02-02 19:27:44 -06:00
gimgisu
338786bab9 @gisu1102 
Align AOT hints with MemberCategory deprecation replacements

- Replace DECLARED_FIELDS with ACCESS_DECLARED_FIELDS in runtime hints

- Preserve 1:1 intent for Collections via registerType only

- Keep INVOKE_* only where it existed before

Closes spring-projectsgh-18432

Signed-off-by: gimgisu <gisu1102@gmail.com>
 2026-02-02 19:27:44 -06:00
gimgisu
d7ecb8fdcf @gisu1102 
Restore Jackson 2 module runtime hints for passivity

- Keep Jackson 2 module registrations when jackson2 is present

- Extract Jackson 2 hint registration into a dedicated method

- Suppress removal warnings only for the Jackson 2 registration

Closes spring-projectsgh-18432

Signed-off-by: gimgisu <gisu1102@gmail.com>
 2026-02-02 19:27:44 -06:00
gimgisu
a9f9eba6ca @gisu1102 
Remove compiler warnings in spring-security-oauth2-authorization-server

- Remove ACCESS_DECLARED_FIELDS from AOT/runtime hints
- Add @SuppressWarnings("removal") for Jackson2 deprecated adapters

Closes spring-projectsgh-18432

Signed-off-by: gimgisu <gisu1102@gmail.com>
 2026-02-02 19:27:44 -06:00
Josh Cummings
1a6f344196
Add security-nullability 
Closes gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-02 17:44:17 -07:00
Josh Cummings
e771ec04b7
Add @Nullable Annotations to saml2-service-provider 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-02 17:44:14 -07:00
Josh Cummings
f3656b4991
Ensure saml_request in Tests 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-02 17:44:10 -07:00
Joe Grandja
8f22fd4407 Merge branch '7.0.x' 2026-02-02 16:38:29 -05:00
Elayne Bloom
2c97b3376b Document Client PKCE settings 
Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client.

Closes gh-18304

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-02 16:30:27 -05:00
Tran Ngoc Nhan
20493ef45f Add javadoc-warnings-error 
Closes gh-18461

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 12:06:12 -06:00
Vyacheslav
e029b3ac6f Update authorize-http-requests.adoc 
Comma added for java configuration 

Signed-off-by: Vyacheslav <43342280+cmmttd@users.noreply.github.com>
 2026-02-02 11:48:07 -06:00
Tran Ngoc Nhan
55ab498518 Add javadoc-warnings-error 
Closes gh-18469

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 11:45:53 -06:00
Tran Ngoc Nhan
b0983e2f5e Add javadoc-warnings-error 
Closes gh-18466

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 11:45:12 -06:00
dohyunk58
992d8ca79b fail build on javadoc warnings for spring-security-test 
Signed-off-by: dohyunk58 <hedge3x@gmail.com>
 2026-02-02 11:44:39 -06:00
Tran Ngoc Nhan
4c012c59c9 Add javadoc-warnings-error 
Closes gh-18464

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-02 11:44:31 -06:00