Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,414 Commits 33 Branches 333 Tags 109 MiB
Commit Graph

11414 Commits

Author SHA1 Message Date
Steve Riesenberg 66da4301fc
Use cache and user.name system property on Windows 2022-07-28 15:07:02 -05:00
Steve Riesenberg 8929bd5abc
Only run prerequisites job if on upstream repo 2022-07-28 15:07:02 -05:00
Steve Riesenberg e3d1405f67
Simplify dependency graph 2022-07-28 15:07:02 -05:00
Steve Riesenberg e756a1df19
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:07:02 -05:00
Steve Riesenberg 81fae2db2c
Polish gh-11367 2022-07-28 15:07:01 -05:00
naveen 054a3f0bc0
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:07:00 -05:00
Steve Riesenberg 9d248c7185
Skip workflows on forks of spring-security 2022-07-28 14:17:42 -05:00
Steve Riesenberg 865bf23ecc
Use cache and user.name system property on Windows 2022-07-28 13:00:15 -05:00
Ulrich Grave 4393c2ea02
Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 18:04:39 -06:00
Ulrich Grave 409998a3fe Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 17:59:42 -06:00
Steve Riesenberg f86d30f4a1
Only run prerequisites job if on upstream repo 2022-07-27 16:01:16 -05:00
Steve Riesenberg dc59d12405
Simplify dependency graph 2022-07-27 16:01:15 -05:00
Steve Riesenberg bdeb32854e
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-27 16:01:15 -05:00
Marcus Da Coregio 7f2c797086 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:56 -03:00
Marcus Da Coregio e5ae35ab71 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:33 -03:00
Marcus Da Coregio a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Marcus Da Coregio d66ad22652 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:32:44 -03:00
Steve Riesenberg a72c5a55db
Revert "Remove @Configuration from webflux config examples" 
This reverts commit aec9effb88.
 2022-07-26 16:46:01 -05:00
Joshua Sattler aec9effb88 Remove @Configuration from webflux config examples 2022-07-26 16:34:10 -05:00
Rob Winch 7a860e1568 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:26:31 -05:00
Rob Winch ad9e737bf2 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:25:52 -05:00
Rob Winch 0d74da4f97 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:24:54 -05:00
Rob Winch 9fbe6b7731 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 15:49:52 -05:00
Desmond Silveira 0d3c3c676d
"Well-Know" should be "Well-Known" 2022-07-26 15:45:27 -05:00
Desmond Silveira 06aa3362dd
"Well-Know" should be "Well-Known" 2022-07-26 15:44:41 -05:00
Rob Winch b6258fe1f9 Apply ArtifactoryPlugin in RootProjectPlugin 
Issue gh-10602
 2022-07-26 15:42:51 -05:00
Rob Winch 8aa6fbfed2 ArtifactoryPlugin only apply default publications for MavenPublishPlugin 
Issue gh-10602
 2022-07-26 15:42:51 -05:00
Rob Winch e3ed6b3539 Update to build-info-extractor-gradle:4.29.0 
Issue gh-10602
 2022-07-26 15:42:50 -05:00
Desmond Silveira 3b9f5ac77b
"Well-Know" should be "Well-Known" 2022-07-26 15:41:38 -05:00
Desmond Silveira 2a336d4f49 "Well-Know" should be "Well-Known" 2022-07-26 15:41:05 -05:00
Steve Riesenberg 3f4efedd23
Polish gh-11367 2022-07-26 15:33:34 -05:00
naveen 8f93a7fc94
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-07-26 15:33:33 -05:00
Marcus Da Coregio b76966638d Use Spring Framework 6.0.0-SNAPSHOT 2022-07-25 14:24:55 -03:00
Marcus Da Coregio 0c549ee147 Use SHA256 by default in Remember Me 
Closes gh-11520
 2022-07-25 10:33:12 -03:00
Yuriy Savchenko 0f64d4c091 Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 14:04:16 -03:00
Yuriy Savchenko 7c7751635d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:56:41 -03:00
Yuriy Savchenko 5322352427 Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:49:21 -03:00
Yuriy Savchenko db9d60e82d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:47:07 -03:00
Josh Cummings 56a6133b20
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:43:25 -06:00
Josh Cummings bced37f6a7
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:41:55 -06:00
Josh Cummings 561f65b34d
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:40:20 -06:00
Josh Cummings e092ec780f
Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:33:24 -06:00
github-actions[bot] bf138c5154 Next development version 2022-07-18 17:05:25 +00:00
Steve Riesenberg aaf20e7b61
Build only on branches 
Issue gh-11480
 2022-07-18 11:47:25 -05:00
Steve Riesenberg fbc5839890
Build only on branches 
Issue gh-11480
 2022-07-18 11:46:47 -05:00
Steve Riesenberg 631076e4dd
Build only on branches 
Issue gh-11480
 2022-07-18 11:45:39 -05:00
github-actions[bot] 79912a0a44 Release 6.0.0-M6 2022-07-18 13:29:25 -03:00
Marcus Da Coregio 7e2b344a66 Update org.springframework to 6.0.0-M5 
Closes gh-11594
 2022-07-18 13:28:22 -03:00
Marcus Da Coregio 860c669666 Revert "Release 6.0.0-M6" 
This reverts commit c8fa238cfc.
 2022-07-18 13:18:34 -03:00
github-actions[bot] 8d147100ee Next development version 2022-07-18 16:00:47 +00:00