Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-17 11:56:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,985 Commits 46 Branches 369 Tags
Commit Graph

19985 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pavel Vassiliev
1ddccd8a39 Fix spring-security-oauth2-core compiler warnings 
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Robert Winch
2825aa3ff1
Merge branch '7.0.x' 
Closes gh-18485
 2026-01-12 13:44:13 -06:00
Pavel Vassiliev
641d8a362b Fix Gradle 9.0 deprecations 
This commit addresses several build warnings and errors to prepare for
Gradle 9.0 and resolve static analysis issues.
Closes: gh-18472
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
 2026-01-12 13:43:16 -06:00
Robert Winch
ec06f08bb6
Merge branch '7.0.x' 2026-01-12 13:38:52 -06:00
Andrey Litvitski
13f6286e04 Use DefaultParameterNameDiscoverer#getSharedInstance 
Closes: gh-18330

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-01-12 13:37:32 -06:00
Robert Winch
b77ea8d3a3 Update to 7.1.0-SNAPSHOT 2026-01-12 13:37:32 -06:00
rigu1
0a6883c586 Fix Javadoc warnings in spring-security-web 
* Use <code> tags for external references in DelegatingMissingAuthorityAccessDeniedHandler and SwitchUserWebFilter
* Fix typo in SessionAuthenticationException
* Apply javadoc-warnings-error plugin

Closes gh-18468

Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
rigu1
c07a2e57bd Add javadoc-warnings-error build plugin 
Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
Robert Winch
5a7d93ee3b
Merge branch '7.0.x' 
Closes gh-18471
 2026-01-09 16:55:02 -06:00
Fr05ty-hub
e9a92a8e9a Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but is referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Fr05ty-hub
ed774d3595 Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but was referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Robert Winch
a3b57c470f
Merge branch '7.0.x' 2026-01-09 15:25:02 -06:00
Robert Winch
eb5cc89c69
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:24:51 -06:00
Robert Winch
d1a32b4b62
Merge branch '7.0.x' 2026-01-09 15:23:29 -06:00
Robert Winch
d6f8a2e928
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:23:06 -06:00
Robert Winch
6a47b5d573
Merge branch '6.4.x' into 6.5.x 2026-01-09 15:22:39 -06:00
github-actions[bot]
e588a3528f Update Antora Spring UI to v0.4.25 2026-01-09 15:22:22 -06:00
github-actions[bot]
7ea5be4b98 Update Antora Spring UI to v0.4.25 2026-01-09 15:21:48 -06:00
Robert Winch
3833650d33
Update to 7.1.0-SNAPSHOT 2026-01-09 10:32:03 -06:00
Robert Winch
2344fe5ebb Use proper xref syntax 
Incldue the required resource id and required # of the fragment.

See

- https://docs.antora.org/antora/latest/page/xref/#xref-macro
- https://docs.antora.org/antora/latest/page/resource-id-coordinates/#id-resource
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
ba18f681e5 Use xref anchor id 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Martin Boulais
1d8ea63a9e Fix typo in HTTP Basic Auth Provider documentation 
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.

Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
 2026-01-08 13:59:34 -06:00
Tran Ngoc Nhan
d20c88ecef Format code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Tran Ngoc Nhan
79815e044e Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Rob Winch
04bba36ee5
Update supported branches in workflow file 
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2026-01-08 13:05:45 -06:00
Robert Winch
5bb99b654f
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.5.2 2026-01-08 13:02:42 -06:00
Robert Winch
37c15f3b81
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:02:37 -06:00
Robert Winch
0b4dcc4328
Bump org.junit:junit-bom from 6.0.1 to 6.0.2 2026-01-08 13:02:32 -06:00
Robert Winch
c09549970f
Merge branch '6.5.x' 2026-01-08 13:01:08 -06:00
Robert Winch
e7ba153d5d
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 13:00:49 -06:00
Robert Winch
05518f3402
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 13:00:44 -06:00
Robert Winch
ffa2c195d8
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:00:40 -06:00
Robert Winch
8901fe3d04
Merge branch '6.5.x' 2026-01-08 12:59:07 -06:00
Robert Winch
e1256d1d2f
Merge branch '6.4.x' into 6.5.x 2026-01-08 12:58:55 -06:00
Robert Winch
334df75c39
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 12:58:34 -06:00
Robert Winch
11b601159d
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 12:58:25 -06:00
dependabot[bot]
c77f42e80f
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:27:07 +00:00
dependabot[bot]
8521b7d5a6
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:21:38 +00:00
dependabot[bot]
7af927ead4
Bump org.junit:junit-bom from 6.0.1 to 6.0.2 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.1...r6.0.2)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:14:49 +00:00
dependabot[bot]
1529a2f5e3
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:14:00 +00:00
Been24
beb3c78333 Replace method call with 'Builder.configureMessageConverters()' 
Deprecated
since 7.0 in favor of configureMessageConverters(Consumer)

Closes gh-18378

Signed-off-by: Been24 <894661859qq@gmail.com>
 2026-01-05 15:48:59 -05:00
dependabot[bot]
f17a07e4c1
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 
Bumps org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:12:20 +00:00
dependabot[bot]
687eb4faf6
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.39.Final to 6.6.40.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.40/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.39...6.6.40)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.40.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:12:09 +00:00
dependabot[bot]
00fbe052f4
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 
Bumps org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:10:38 +00:00
dependabot[bot]
5023cc7e4c
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.39.Final to 6.6.40.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.40/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.39...6.6.40)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.40.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:10:27 +00:00
dependabot[bot]
f4bfa609ae
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.5.2 
Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.5.1 to 5.5.2.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.5.2/RELEASE_NOTES.txt)
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5.1...rel/v5.5.2)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: 5.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-22 03:06:05 +00:00
dependabot[bot]
6d6552a602 Bump org-aspectj from 1.9.25 to 1.9.25.1 
Bumps `org-aspectj` from 1.9.25 to 1.9.25.1.

Updates `org.aspectj:aspectjrt` from 1.9.25 to 1.9.25.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.25 to 1.9.25.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-19 17:13:40 -06:00
dependabot[bot]
a259e49380 Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 
Bumps org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-19 17:00:24 -06:00
dependabot[bot]
d5b135ad0f Bump org.springframework.ldap:spring-ldap-core from 4.0.0 to 4.0.1 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/4.0.0...4.0.1)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-19 16:58:30 -06:00