Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,269 Commits 30 Branches 330 Tags 114 MiB
Commit Graph

12269 Commits

Author SHA1 Message Date
Marcus Hert Da Coregio 3f64c6d745 Use version catalog to resolve nimbus dependency versions 
Issue gh-14047
 2023-10-30 16:11:51 -03:00
Marcus Hert Da Coregio 2cd302fb1b Revert "Use lenient configuration for prohibited dependencies check" 
This reverts commit 602d4189d1.
 2023-10-30 16:11:02 -03:00
Marcus Hert Da Coregio e8ec49b4c5 Resolve versions without downloading dependencies 
Issue gh-14047
 2023-10-30 14:46:12 -03:00
Marcus Hert Da Coregio 602d4189d1 Use lenient configuration for prohibited dependencies check 
Issue gh-14047
 2023-10-30 12:10:32 -03:00
Marcus Hert Da Coregio 884014c2fb Use lenient configuration to resolve artifacts 
Issue gh-14047
 2023-10-30 11:25:30 -03:00
Marcus Hert Da Coregio 47969ec7c9 Fix verifyDependenciesVersions not working with s101 
Issue gh-14047
 2023-10-30 08:28:15 -03:00
Marcus Da Coregio 6654479649 Polish VerifyDependenciesVersionsPlugin 
Issue gh-14047
 2023-10-27 09:45:19 -03:00
Steve Riesenberg bfc31bacab
Polish Username/Password Authentication page 
Issue gh-11926

(cherry picked from commit 781d575921)
 2023-10-25 15:50:53 -05:00
Marcus Da Coregio ad2bea3350 Fail build if nimbus-jose-jwt version is not aligned 
Closes gh-14047
 2023-10-25 13:44:23 -03:00
Steve Riesenberg 5161712c35
Polish gh-13976 
Closes gh-13757
 2023-10-19 16:40:23 -05:00
Veli Döngelci a6b872dcf3
Fix caching error state in ReactiveRemoteJWKSource 2023-10-19 16:40:13 -05:00
Marcus Da Coregio 70ad3bf749 relay_state should not be included in signing calculation when it is null 
Closes gh-13913
 2023-10-19 09:58:47 -03:00
Scott Shidlovsky 19c4e427ee Update OpenSamlAuthenticationRequestResolverTests from Junit 4 to Junit 5 
(cherry picked from commit 508f7d7b8a)
 2023-10-19 09:50:28 -03:00
Marcus Da Coregio 736f1c27cd Remove updateDependencies plugin 
Closes gh-13966
 2023-10-18 14:12:25 -03:00
github-actions[bot] ec58bf0b28 Next development version 2023-10-16 16:06:01 +00:00
github-actions[bot] e4e31f2c90 Release 5.8.8 2023-10-16 15:21:39 +00:00
dependabot[bot] 49cd8ae217 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.16 to 2021.2.17.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.16...2021.2.17)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-16 07:48:24 -03:00
Steve Riesenberg 81d91063a5
Document how to publish an AuthenticationManager 
Closes gh-11926
 2023-10-13 18:15:09 -05:00
dependabot[bot] 7f50bb5db1 Bump io.projectreactor.netty:reactor-netty from 1.0.36 to 1.0.38 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.36 to 1.0.38.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.36...v1.0.38)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:58:11 -03:00
dependabot[bot] 7556df6ea7 Bump io.projectreactor:reactor-bom from 2020.0.36 to 2020.0.37 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.36 to 2020.0.37.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.36...2020.0.37)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:17 -03:00
dependabot[bot] 71ceb5b80b Bump org-eclipse-jetty from 9.4.52.v20230823 to 9.4.53.v20231009 
Bumps `org-eclipse-jetty` from 9.4.52.v20230823 to 9.4.53.v20231009.

Updates `org.eclipse.jetty:jetty-server` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.52.v20230823 to 9.4.53.v20231009
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.52.v20230823...jetty-9.4.53.v20231009)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-11 07:56:06 -03:00
dependabot[bot] bd9643af44 Bump com.github.spullara.mustache.java:compiler from 0.9.10 to 0.9.11 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.10 to 0.9.11.
- [Commits](https://github.com/spullara/mustache.java/compare/0.9.10...mustache.java-0.9.11)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-10 08:20:03 -03:00
dependabot[bot] d46627b776 Bump org.jfrog.buildinfo:build-info-extractor-gradle 
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.29.0 to 4.29.4.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.29.0...build-info-gradle-extractor-4.29.4)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-09 07:29:32 -03:00
dependabot[bot] 8c6b5e0efe Bump io.spring.ge.conventions from 0.0.7 to 0.0.14 
Bumps [io.spring.ge.conventions](https://github.com/spring-io/gradle-enterprise-conventions) from 0.0.7 to 0.0.14.
- [Release notes](https://github.com/spring-io/gradle-enterprise-conventions/releases)
- [Commits](https://github.com/spring-io/gradle-enterprise-conventions/compare/v0.0.7...v0.0.14)

---
updated-dependencies:
- dependency-name: io.spring.ge.conventions
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:29:32 -03:00
dependabot[bot] 3315775734 Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2 
Bumps org.apache.logging.log4j:log4j-core from 2.17.1 to 2.17.2.

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:24 -03:00
dependabot[bot] cefcbdc819 Bump com.github.spullara.mustache.java:compiler from 0.9.4 to 0.9.10 
Bumps [com.github.spullara.mustache.java:compiler](https://github.com/spullara/mustache.java) from 0.9.4 to 0.9.10.
- [Commits](https://github.com/spullara/mustache.java/compare/mustache.java-0.9.4...0.9.10)

---
updated-dependencies:
- dependency-name: com.github.spullara.mustache.java:compiler
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:27:08 -03:00
dependabot[bot] 0b25dc53cc Bump com.gradle.enterprise from 3.11.1 to 3.11.4 
Bumps com.gradle.enterprise from 3.11.1 to 3.11.4.

---
updated-dependencies:
- dependency-name: com.gradle.enterprise
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:54 -03:00
dependabot[bot] 766396aa7c Bump io.projectreactor:reactor-bom from 2020.0.35 to 2020.0.36 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2020.0.35 to 2020.0.36.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2020.0.35...2020.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-04 09:26:23 -03:00
Marcus Da Coregio 64270f28e4 Saml2LogoutRequestMixin relayState property should be binding 
Closes gh-12539
 2023-10-03 08:41:33 -03:00
dependabot[bot] ece5089cc8 Bump org-aspectj from 1.9.20 to 1.9.20.1 
Bumps `org-aspectj` from 1.9.20 to 1.9.20.1.

Updates `org.aspectj:aspectjrt` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.20 to 1.9.20.1
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:50 -03:00
dependabot[bot] 448d23dd3e Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2021.2.15 to 2021.2.16.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2021.2.15...2021.2.16)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:34 -03:00
dependabot[bot] 0108241049 Bump org.springframework:spring-framework-bom from 5.3.29 to 5.3.30 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 5.3.29 to 5.3.30.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v5.3.29...v5.3.30)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:09:13 -03:00
dependabot[bot] 88cfae4182 Bump org-eclipse-jetty from 9.4.51.v20230217 to 9.4.52.v20230823 
Bumps `org-eclipse-jetty` from 9.4.51.v20230217 to 9.4.52.v20230823.

Updates `org.eclipse.jetty:jetty-server` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

Updates `org.eclipse.jetty:jetty-servlet` from 9.4.51.v20230217 to 9.4.52.v20230823
- [Release notes](https://github.com/eclipse/jetty.project/releases)
- [Commits](https://github.com/eclipse/jetty.project/compare/jetty-9.4.51.v20230217...jetty-9.4.52.v20230823)

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-02 15:08:47 -03:00
Marcus Da Coregio b9836d618a Fix Workflows 
Issue gh-13873
 2023-09-29 15:50:10 -03:00
Marcus Da Coregio 2505c08e8f Do Not Run Some Workflows on Dependabot's PRs 
Issue gh-13873

(cherry picked from commit 3aae03b1b2)
 2023-09-29 15:48:12 -03:00
Marcus Da Coregio 9e877c9bc6 Do not run some workflows for Dependabot branches 
Issue gh-13873

(cherry picked from commit ab812b2b53)
 2023-09-29 15:48:11 -03:00
dependabot[bot] adef0f3f25 Bump com.google.code.gson:gson from 2.8.6 to 2.8.9 
Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.8.6 to 2.8.9.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.8.6...gson-parent-2.8.9)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:19:16 -03:00
dependabot[bot] a8eb565b05 Bump io.projectreactor.netty:reactor-netty from 1.0.35 to 1.0.36 
Bumps [io.projectreactor.netty:reactor-netty](https://github.com/reactor/reactor-netty) from 1.0.35 to 1.0.36.
- [Release notes](https://github.com/reactor/reactor-netty/releases)
- [Commits](https://github.com/reactor/reactor-netty/compare/v1.0.35...v1.0.36)

---
updated-dependencies:
- dependency-name: io.projectreactor.netty:reactor-netty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-29 14:14:00 -03:00
Marcus Da Coregio 64e2a2ff8b Apply updated Code Style 
Closes gh-13881
 2023-09-29 11:44:32 -03:00
Marcus Da Coregio 650692964e Fix snapshot_tests on CI workflow 
Closes gh-13876
 2023-09-28 15:58:43 -03:00
Marcus Da Coregio e29ea47ff7 Use Gradle's Version Catalog 
Issue gh-13868
 2023-09-28 14:57:18 -03:00
Marcus Da Coregio 664ee9a206 Fix formatting 
Issue gh-13776
 2023-09-25 10:09:32 -03:00
Jannick Weisshaupt b67218c150 Fix corrupted saml2 metadata when special characters are present 
Closes gh-13776
 2023-09-25 14:08:14 +01:00
Eric Haag ac04c2e675 Add dependency between rncToXsd and sourcesJar 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
sourcesJar must be defined.

Issue gh-13845
 2023-09-19 14:19:45 +01:00
Eric Haag e63d7fd9e9 Add dependency between rncToXsd and versionlessXsd 
Since processResources is configured directly instead of via the source
set container, an explicit dependency task between rncToXsd and
versionlessXsd must be defined.

Issue gh-13845
 2023-09-19 14:19:33 +01:00
Eric Haag 718c470910 Prevent creating duplicate .xsd entries 
This change removes .xsd entries that would appear in the top level of
the assembled artifacts. This occurred because the output of the
rncToXsd task does not consider the path beneath the resources
directory. To fix this, the processResources task is directly
configured with a copy spec so the required path can be set.

Issue gh-13845
 2023-09-19 14:19:19 +01:00
Steve Riesenberg 700b711c4b
Merge branch '5.7.x' into 5.8.x 2023-09-18 11:22:40 -05:00
github-actions[bot] c614422f44 Next development version 2023-09-18 16:10:51 +00:00
github-actions[bot] 85e0783796 Next development version 2023-09-18 16:10:25 +00:00
github-actions[bot] 3656fa6e0c Release 5.7.11 2023-09-18 15:24:51 +00:00