Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-25 14:45:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,400 Commits 51 Branches 373 Tags
Commit Graph

20400 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
41a8d6aca5 Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 
Bumps `org-apache-maven-resolver` from 1.9.26 to 1.9.27.

Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.26 to 1.9.27
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.26...maven-resolver-1.9.27)

Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.26 to 1.9.27
- [Release notes](https://github.com/apache/maven-resolver/releases)
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.26...maven-resolver-1.9.27)

Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.26 to 1.9.27

---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
  dependency-version: 1.9.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
  dependency-version: 1.9.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
  dependency-version: 1.9.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-24 03:16:37 +00:00
Rob Winch
e81c64b94d
Merge Update servlet/architecture.adoc to use include-code 
Update servlet/architecture.adoc to use include-code
 2026-02-23 17:16:28 -06:00
Robert Winch
0c394696ce
Fix servlet/architecture.adoc disable Sample 
- Switch `include-java` (does not exist) to `include-code`
- Update kotlin to have the `disable` tag
- Update to suppress deprecation use for User builder (allowed for samples)

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 17:03:17 -06:00
Joe Kuhel
62d1bc86e3
Update servlet architecture docs to use include-code 
Also update antora.xml to include-xml in docs/src/test/resources

Signed-off-by: Joe Kuhel <4983938+jkuhel@users.noreply.github.com>
 2026-02-23 16:37:16 -06:00
Rob Winch
a4cadb5cc5
Merge Make PublicKeyCredentialCreationOptions Serializable 
Make PublicKeyCredentialCreationOptions Serializable
 2026-02-23 16:01:34 -06:00
Robert Winch
701736da5d
Fix checkstyle 
Issue gh-18354

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 15:43:55 -06:00
Mohammad Amin Pahlevani
9e5a425859
Make PublicKeyCredentialCreationOptions Serializable 
Closes gh-16431

Signed-off-by: Mohammad Amin Pahlevani <pahlevani@live.com>
 2026-02-23 15:43:40 -06:00
Rob Winch
1ab17d941a
Merge Improve error message for missing access attribute in intercept-url 
Improve error message for missing access attribute in intercept-url
 2026-02-23 15:31:34 -06:00
Robert Winch
53300be8d7
Fix checkstyle 
Issue gh-18530
 2026-02-23 15:16:02 -06:00
CHANHAN
d5ba9dcada
Add tests for intercept-url access attribute validation 
Fixes gh-18503

Signed-off-by: CHANHAN <130114269+chanani@users.noreply.github.com>
 2026-02-23 15:16:02 -06:00
CHANHAN
fa87c78edb
fix missing access attribute validation in FilterInvocationSecurityMetadataSourceParser 
Fixes gh-18503

Signed-off-by: CHANHAN <130114269+chanani@users.noreply.github.com>
 2026-02-23 15:16:02 -06:00
CHANHAN
f1e367f93d
fix missing access attribute validation in AuthorizationFilterParser 
Fixes gh-18503

Signed-off-by: CHANHAN <130114269+chanani@users.noreply.github.com>
 2026-02-23 15:16:02 -06:00
Rob Winch
4d0627e6c0
Merge pull request #18721 from coehgns/main 
Add tests for PathPatternRequestMatcher request path caching
 2026-02-23 11:58:27 -06:00
Rob Winch
3106f2be7b
Merge pull request #18757 from wonderfulrosemari/gh-4265-csrf-multipart-header 
Document multipart CSRF header option
 2026-02-23 11:51:54 -06:00
Rob Winch
b3e5f09eb3
Merge Document Keberose Dependency Coordinates 
Document Keberose Dependency Coordinates
 2026-02-23 11:47:06 -06:00
Robert Winch
e1436c39f0
Merge Document Keberose Dependency Coordinates 2026-02-23 11:33:25 -06:00
Robert Winch
311235f39e
Document Keberose Dependency Coordinates 
Closes gh-18773
 2026-02-23 11:32:37 -06:00
Robert Winch
fec988c82d
Add Kerberos Migration Section 
This links to the updated dependency coordinates

Issue gh-18773

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 11:29:50 -06:00
busoco-sjb
17b434c1c1
Document the change in dependency coordinates with Spring Security 7 
Signed-off-by: busoco-sjb <169069865+busoco-sjb@users.noreply.github.com>
 2026-02-23 11:21:59 -06:00
Rob Winch
b451739b5c
Merge pull request Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager 
Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager
 2026-02-23 11:17:21 -06:00
Rob Winch
0bb65411be
Merge pull request Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager 
Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager
 2026-02-23 11:17:06 -06:00
Robert Winch
cfb3bf38d8
Merge Fix: Handle null authority string in AuthoritiesAuthorizationManager into main 2026-02-23 10:54:00 -06:00
Robert Winch
151bcf3b0b
Merge Fix: Handle null authority string in AuthoritiesAuthorizationManager into 7.0.x 2026-02-23 10:53:40 -06:00
Robert Winch
1116241ee3
Fix Checks for NullPointerException in AuthoritiesAuthorizationManager 
- Fix checkstyle
- Fix the test to use Collection that throws NullPointerException on .contains(null) to replicate the reported issue

Closes gh-18544

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 10:47:11 -06:00
Khyojae
d87dc9ae57
Fix: Handle null authority string in AuthoritiesAuthorizationManager 
This prevents NPE when GrantedAuthority.getAuthority() returns null. Closes gh-18543

Signed-off-by: Khyojae <khjae201@gmail.com>
 2026-02-23 09:30:28 -06:00
Robert Winch
ea1b3d819b
Merge branch '7.0.x' 2026-02-23 08:17:27 -06:00
Robert Winch
2eb948d9b5
Ensure tests clear AuthorizationServerContextHolder 
Closes gh-18768
 2026-02-23 08:17:02 -06:00
Robert Winch
881ddf796a
Merge branch '7.0.x' 2026-02-23 08:13:58 -06:00
Robert Winch
f2aef5168c
Merge branch '6.5.x' into 7.0.x 2026-02-23 08:13:38 -06:00
dependabot[bot]
ac556a45f9 Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.42.Final to 6.6.43.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.43/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.42...6.6.43)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.43.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 08:12:23 -06:00
dependabot[bot]
c8731a8dc0 Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.5 to 2.18.6.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.5...jackson-bom-2.18.6)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 08:12:09 -06:00
dependabot[bot]
d62cce5bfb Bump com.fasterxml.jackson:jackson-bom from 2.21.0 to 2.21.1 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.21.0 to 2.21.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.0...jackson-bom-2.21.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:19:50 +00:00
dependabot[bot]
eca68b6cb3 Bump org.seleniumhq.selenium:selenium-java from 4.40.0 to 4.41.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.40.0 to 4.41.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-version: 4.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:18:09 +00:00
dependabot[bot]
3e60eeb74c Bump org.hibernate.orm:hibernate-core from 7.2.4.Final to 7.2.5.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.2.4.Final to 7.2.5.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.2.5/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.2.4...7.2.5)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.2.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:17:25 +00:00
Robert Winch
21978cab22 Fix Build Errors for Improve AOT RuntimeHits 
- Saml2RuntimeHints consistently uses String in separate method for
  to ensure no classpath issues
- Fix Whitespace/Checkstyle
- Add Missing Nullability Annotations
 2026-02-20 17:28:35 -06:00
Josh Long
2dd2863550 aot improvements 
Signed-off-by: Josh Long <54473+joshlong@users.noreply.github.com>
 2026-02-20 17:28:35 -06:00
dependabot[bot]
1fdfd45782 Bump spring-io/spring-security-release-tools/.github/workflows/test.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/test.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](7d42d82298...729fed56d4)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/test.yml
  dependency-version: 1.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-20 09:42:07 -06:00
Robert Winch
0dc1aa1126 Ensure tests clear AuthorizationServerContextHolder 2026-02-19 15:20:44 -06:00
Stefano Cordio
3cc707621f Prevent execution of scheduled GitHub Actions on forks 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-02-19 14:41:12 -06:00
Robert Winch
f8ac095d48 Add nullability contract to PasswordEncoder#encode implementations 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>AbstractValidatingPasswordEncoder.java
 2026-02-19 14:36:48 -06:00
Chen He
d65625e399 Update BCryptPasswordEncoder example in password-storage.adoc 
Replaces the usage of BCryptPasswordEncoder with
BcryptPassword4jPasswordEncoder in documentation samples.

Signed-off-by: Chen He <nidhogg55555@gmail.com>
 2026-02-19 14:29:53 -06:00
Minu Kim
18068c9099 fix compile warning in spring-security-test 
Signed-off-by: Minu Kim <kmw106933@naver.com>
 2026-02-19 14:26:20 -06:00
Tran Ngoc Nhan
a539f056f7 Add javadoc-warnings-error 
Closes gh-18452

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-19 13:48:28 -06:00
Robert Winch
2b04177151
Merge branch '7.0.x' 2026-02-19 13:30:21 -06:00
Robert Winch
a4a6e9124c
Merge branch '6.5.x' into 7.0.x 2026-02-19 13:30:13 -06:00
Robert Winch
b21159f453
Bump org.junit:junit-bom from 6.0.2 to 6.0.3 2026-02-19 13:29:42 -06:00
Robert Winch
6f7c8cb352
Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 2026-02-19 13:29:36 -06:00
Robert Winch
5973a66bb1
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 2026-02-19 13:29:30 -06:00
Robert Winch
3e3eeda560
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 2026-02-19 13:28:49 -06:00
Robert Winch
cc6a005aa5 Add InetAddressMatcher 
Co-authored-by: Gábor Vaspöri <gabor.vaspori@gmail.com>
Co-authored-by: Kian Jamali <kianjamali123@gmail.com>
Co-authored-by: Rossen Stoyanchev <rstoyanchev@users.noreply.github.com>
 2026-02-19 11:44:19 -06:00