Marcus Da Coregio
45a4a89960
Update hibernate-entitymanager to 5.6.12.Final
...
Closes gh-12005
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
b43c7e927f
Update org.eclipse.jetty to 9.4.49.v20220914
...
Closes gh-12004
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
50d23622d0
Update io.rsocket to 1.1.3
...
Closes gh-12003
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
2c2603ba0f
Update io.projectreactor to 2020.0.24
...
Closes gh-12001
2022-10-13 09:24:20 -03:00
Marcus Da Coregio
f7f53ea2b7
Update jackson-bom to 2.13.4.20221012
...
Closes gh-11997
2022-10-13 09:22:28 -03:00
Marcus Da Coregio
e0f8c711d8
Add default value for cloneOutputDirectory property
...
Closes gh-11969
2022-10-10 11:00:47 -03:00
Dan Allen
e0843aabb1
automatically manage docs version (with collector)
2022-10-05 13:56:22 -05:00
Daniel Garnier-Moiroux
26bb60c567
Add rncToXsd task description to CONTRIBUTING.adoc
2022-10-03 10:09:27 -03:00
Dan Allen
c44230ba24
switch to offical Antora plugin for Gradle
...
- lock version to latest release of Antora 3.1
- rename properties on extension block
- use Node.js version provided by plugin
- remove package.json file
- assign environment variables using environments property on extension block
- use single quotes where possible in build script
- use default setting for log format
2022-09-29 14:05:09 -05:00
Jerome Prinet
8d2fb6858f
Update Gradle Enterprise plugin to 3.11.1
2022-09-16 13:14:53 -03:00
Marcus Da Coregio
7756247c3a
Simplify checkSamples task
...
Closes gh-11814
2022-09-16 09:36:12 -03:00
Dan Allen
3387149a0f
repurpose 5.6.x branch to provide local docs build
...
* remove unused workflows, scripts, and configuration (now handled by docs-build branch)
* upgrade Antora to 3.1 (and Node.js to 16)
* tune playbook settings
* reconfigure docs build for local build only
* add patch to support using linked worktree as Antora content source
* remove Antora extensions not needed for local builds
2022-09-12 15:41:12 -05:00
Underground Hill
8b74bf9742
Updated reference to architecture page
...
In the context of Servlet Authentication page, "Architecture" should probably link to "Servlet Authentication Architecture" page
2022-09-01 09:38:10 -03:00
Marcus Da Coregio
40abf87ae6
Add buildScan to checkRemote
...
Closes gh-11766
2022-08-30 09:11:08 -03:00
Steve Riesenberg
1c014eb512
Use 6.0.x instead of 3.0.x as default branch
2022-08-24 16:38:27 -05:00
Rob Winch
8c69699458
Remove backportbot.yml
...
Issue gh-11736
2022-08-23 13:46:32 -05:00
Rob Winch
fc10d5fc29
repository=spring-projects/spring-security
...
Previously the repository used spring-project (missing the s)
2022-08-23 13:30:20 -05:00
Rob Winch
c79ebf4edf
Setup Forward Merge
2022-08-22 16:19:44 -05:00
Marcus Da Coregio
a8d6c1d21f
Consistently set AuthenticationEventPublisher in AuthenticationManagerBuilder
...
Prior to this, the HttpSecurity bean was not consistent with WebSecurityConfigurerAdapter's HttpSecurity because it did not setup a default AuthenticationEventPublisher. This also fixes a problem where the AuthenticationEventPublisher bean would only be considered if there was a UserDetailsService
Closes gh-11449
Closes gh-11726
2022-08-19 09:58:22 -03:00
Steve Riesenberg
7c7f9380c7
Refresh remote JWK when unknown KID error occurs
...
Closes gh-11621
2022-08-18 16:54:45 -05:00
tinolazreg
888715bbb2
Add tests for unknown KID error
...
Issue gh-11621
2022-08-18 16:54:45 -05:00
jujunChen
13feb87171
Modify words
...
- <dependencyManagement> to dependencyManagement
- pom.xml to build.gradle
2022-08-16 14:51:36 -06:00
Rob Winch
faf9fb7337
NamespaceLdapAuthenticationProviderTests use Dynamic Port
...
Closes gh-11710
2022-08-15 15:26:46 -05:00
Rob Winch
f33d7253b6
GitHubMilestoneApiTests due_on Uses LocalDate
...
`GitHubMilestoneApiTests` uses `Instant.now()` for `due_on`. Since
`Instant.now()` is UTC time based,
`isMilestoneDueTodayWhenDueTodayThenTrue` fails when the computer that runs
the test is not the same day as it is in UTC time.
To fix it, `due_on` should be set to an `Instant` based upon the timezone
of the current computer.
Closes gh-11706
2022-08-15 13:04:29 -05:00
github-actions[bot]
db74e9d128
Next development version
2022-08-15 16:07:33 +00:00
github-actions[bot]
4559d269e0
Release 5.6.7
2022-08-15 15:25:05 +00:00
Marcus Da Coregio
627809d2dc
Update org.springframework.data to 2021.1.6
...
Closes gh-11686
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
4b1d7e9479
Update org.springframework to 5.3.22
...
Closes gh-11685
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
d9980a4dfe
Update jsonassert to 1.5.1
...
Closes gh-11684
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
8eb7e589eb
Update hibernate-entitymanager to 5.6.10.Final
...
Closes gh-11683
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
0d7dce9d71
Update org.eclipse.jetty to 9.4.48.v20220622
...
Closes gh-11682
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
da09788be9
Update io.projectreactor to 2020.0.22
...
Closes gh-11680
2022-08-10 14:52:51 -03:00
Marcus Da Coregio
ead587c597
Consistently handle RequestRejectedException if it is wrapped
...
Closes gh-11645
2022-08-09 08:32:42 -03:00
Steve Riesenberg
02459919cc
Skip workflows on forks of spring-security
2022-07-28 15:13:56 -05:00
Steve Riesenberg
57d212ddca
Use cache and user.name system property on Windows
2022-07-28 15:13:55 -05:00
Steve Riesenberg
539b17f6da
Only run prerequisites job if on upstream repo
2022-07-28 15:13:54 -05:00
Steve Riesenberg
37e1ad27fe
Simplify dependency graph
2022-07-28 15:13:53 -05:00
Steve Riesenberg
043fdd6f03
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:13:52 -05:00
Steve Riesenberg
3234e05085
Polish gh-11367
2022-07-28 15:13:51 -05:00
naveen
f957e3c051
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:13:51 -05:00
Marcus Da Coregio
d66ad22652
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:32:44 -03:00
Rob Winch
7a860e1568
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 16:26:31 -05:00
Desmond Silveira
0d3c3c676d
"Well-Know" should be "Well-Known"
2022-07-26 15:45:27 -05:00
Yuriy Savchenko
0f64d4c091
Add Kotlin example for WebTestClient setup docs
...
Closes gh-9998
2022-07-22 14:04:16 -03:00
Josh Cummings
56a6133b20
Merge Same-named Attribute Elements
...
Closes gh-11042
2022-07-20 18:43:25 -06:00
Steve Riesenberg
aaf20e7b61
Build only on branches
...
Issue gh-11480
2022-07-18 11:47:25 -05:00
Steve Riesenberg
148756076c
Backport release automation and github actions
...
Closes gh-11501
2022-07-13 15:51:25 -05:00
Steve Riesenberg
6f321a27c4
Fix inconsistency in hasProperty check
2022-07-13 15:51:25 -05:00
Steve Riesenberg
539443b4be
Add GitHubReleasePlugin with createGitHubRelease task
...
Issue gh-10456
Issue gh-10457
2022-07-13 15:51:24 -05:00
Josh Cummings
28424f8ae5
Correct input validation for 31 rounds
...
Closes gh-11470
2022-07-11 14:51:51 -06:00