Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-24 22:25:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,388 Commits 51 Branches 373 Tags
Commit Graph

20388 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
4d0627e6c0
Merge pull request #18721 from coehgns/main 
Add tests for PathPatternRequestMatcher request path caching
 2026-02-23 11:58:27 -06:00
Rob Winch
3106f2be7b
Merge pull request #18757 from wonderfulrosemari/gh-4265-csrf-multipart-header 
Document multipart CSRF header option
 2026-02-23 11:51:54 -06:00
Rob Winch
b3e5f09eb3
Merge Document Keberose Dependency Coordinates 
Document Keberose Dependency Coordinates
 2026-02-23 11:47:06 -06:00
Robert Winch
e1436c39f0
Merge Document Keberose Dependency Coordinates 2026-02-23 11:33:25 -06:00
Robert Winch
311235f39e
Document Keberose Dependency Coordinates 
Closes gh-18773
 2026-02-23 11:32:37 -06:00
Robert Winch
fec988c82d
Add Kerberos Migration Section 
This links to the updated dependency coordinates

Issue gh-18773

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 11:29:50 -06:00
busoco-sjb
17b434c1c1
Document the change in dependency coordinates with Spring Security 7 
Signed-off-by: busoco-sjb <169069865+busoco-sjb@users.noreply.github.com>
 2026-02-23 11:21:59 -06:00
Rob Winch
b451739b5c
Merge pull request Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager 
Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager
 2026-02-23 11:17:21 -06:00
Rob Winch
0bb65411be
Merge pull request Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager 
Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager
 2026-02-23 11:17:06 -06:00
Robert Winch
cfb3bf38d8
Merge Fix: Handle null authority string in AuthoritiesAuthorizationManager into main 2026-02-23 10:54:00 -06:00
Robert Winch
151bcf3b0b
Merge Fix: Handle null authority string in AuthoritiesAuthorizationManager into 7.0.x 2026-02-23 10:53:40 -06:00
Robert Winch
1116241ee3
Fix Checks for NullPointerException in AuthoritiesAuthorizationManager 
- Fix checkstyle
- Fix the test to use Collection that throws NullPointerException on .contains(null) to replicate the reported issue

Closes gh-18544

Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
 2026-02-23 10:47:11 -06:00
Khyojae
d87dc9ae57
Fix: Handle null authority string in AuthoritiesAuthorizationManager 
This prevents NPE when GrantedAuthority.getAuthority() returns null. Closes gh-18543

Signed-off-by: Khyojae <khjae201@gmail.com>
 2026-02-23 09:30:28 -06:00
Robert Winch
ea1b3d819b
Merge branch '7.0.x' 2026-02-23 08:17:27 -06:00
Robert Winch
2eb948d9b5
Ensure tests clear AuthorizationServerContextHolder 
Closes gh-18768
 2026-02-23 08:17:02 -06:00
Robert Winch
881ddf796a
Merge branch '7.0.x' 2026-02-23 08:13:58 -06:00
Robert Winch
f2aef5168c
Merge branch '6.5.x' into 7.0.x 2026-02-23 08:13:38 -06:00
dependabot[bot]
ac556a45f9 Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.42.Final to 6.6.43.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.43/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.42...6.6.43)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.43.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 08:12:23 -06:00
dependabot[bot]
c8731a8dc0 Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.5 to 2.18.6.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.5...jackson-bom-2.18.6)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 08:12:09 -06:00
dependabot[bot]
d62cce5bfb Bump com.fasterxml.jackson:jackson-bom from 2.21.0 to 2.21.1 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.21.0 to 2.21.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.0...jackson-bom-2.21.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:19:50 +00:00
dependabot[bot]
eca68b6cb3 Bump org.seleniumhq.selenium:selenium-java from 4.40.0 to 4.41.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.40.0 to 4.41.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.40.0...selenium-4.41.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-version: 4.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:18:09 +00:00
dependabot[bot]
3e60eeb74c Bump org.hibernate.orm:hibernate-core from 7.2.4.Final to 7.2.5.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 7.2.4.Final to 7.2.5.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.2.5/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.2.4...7.2.5)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.2.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 03:17:25 +00:00
Robert Winch
21978cab22 Fix Build Errors for Improve AOT RuntimeHits 
- Saml2RuntimeHints consistently uses String in separate method for
  to ensure no classpath issues
- Fix Whitespace/Checkstyle
- Add Missing Nullability Annotations
 2026-02-20 17:28:35 -06:00
Josh Long
2dd2863550 aot improvements 
Signed-off-by: Josh Long <54473+joshlong@users.noreply.github.com>
 2026-02-20 17:28:35 -06:00
dependabot[bot]
1fdfd45782 Bump spring-io/spring-security-release-tools/.github/workflows/test.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/test.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](7d42d82298...729fed56d4)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/test.yml
  dependency-version: 1.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-20 09:42:07 -06:00
Robert Winch
0dc1aa1126 Ensure tests clear AuthorizationServerContextHolder 2026-02-19 15:20:44 -06:00
Stefano Cordio
3cc707621f Prevent execution of scheduled GitHub Actions on forks 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-02-19 14:41:12 -06:00
Robert Winch
f8ac095d48 Add nullability contract to PasswordEncoder#encode implementations 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>AbstractValidatingPasswordEncoder.java
 2026-02-19 14:36:48 -06:00
Chen He
d65625e399 Update BCryptPasswordEncoder example in password-storage.adoc 
Replaces the usage of BCryptPasswordEncoder with
BcryptPassword4jPasswordEncoder in documentation samples.

Signed-off-by: Chen He <nidhogg55555@gmail.com>
 2026-02-19 14:29:53 -06:00
Minu Kim
18068c9099 fix compile warning in spring-security-test 
Signed-off-by: Minu Kim <kmw106933@naver.com>
 2026-02-19 14:26:20 -06:00
Tran Ngoc Nhan
a539f056f7 Add javadoc-warnings-error 
Closes gh-18452

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-19 13:48:28 -06:00
Robert Winch
2b04177151
Merge branch '7.0.x' 2026-02-19 13:30:21 -06:00
Robert Winch
a4a6e9124c
Merge branch '6.5.x' into 7.0.x 2026-02-19 13:30:13 -06:00
Robert Winch
b21159f453
Bump org.junit:junit-bom from 6.0.2 to 6.0.3 2026-02-19 13:29:42 -06:00
Robert Winch
6f7c8cb352
Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 2026-02-19 13:29:36 -06:00
Robert Winch
5973a66bb1
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 2026-02-19 13:29:30 -06:00
Robert Winch
3e3eeda560
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 2026-02-19 13:28:49 -06:00
Robert Winch
cc6a005aa5 Add InetAddressMatcher 
Co-authored-by: Gábor Vaspöri <gabor.vaspori@gmail.com>
Co-authored-by: Kian Jamali <kianjamali123@gmail.com>
Co-authored-by: Rossen Stoyanchev <rstoyanchev@users.noreply.github.com>
 2026-02-19 11:44:19 -06:00
Robert Winch
d4589c0fcb
Merge branch '7.0.x' 2026-02-19 11:00:16 -06:00
dependabot[bot]
e2486a2590 Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.4 to 7.0.5.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.4...v7.0.5)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-19 10:58:10 -06:00
Tran Ngoc Nhan
dbf7f4cfe5 Remove unused @Nullable 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-19 10:56:54 -06:00
dependabot[bot]
f27738c1f8 Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.4 to 7.0.5.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.4...v7.0.5)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-19 03:18:04 +00:00
wonderfulrosemari
8d76ae0844 Document multipart CSRF header option 
Closes gh-4265

Signed-off-by: wonderfulrosemari <whwlsgur1419@naver.com>
 2026-02-19 02:07:25 +09:00
dependabot[bot]
73b055baa9 Bump org-opensaml5 from 5.2.0 to 5.2.1 
Bumps `org-opensaml5` from 5.2.0 to 5.2.1.

Updates `org.opensaml:opensaml-saml-api` from 5.2.0 to 5.2.1

Updates `org.opensaml:opensaml-saml-impl` from 5.2.0 to 5.2.1

---
updated-dependencies:
- dependency-name: org.opensaml:opensaml-saml-api
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.opensaml:opensaml-saml-impl
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-18 03:15:22 +00:00
earlgrey02
5194826606 implement single-line RSA key support 
Signed-off-by: earlgrey02 <san06036@naver.com>
 2026-02-17 17:29:04 -07:00
Josh Cummings
fc48088759 Polish 
- Add @since version
- Change variable name to match method name

Issue gh-18623

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-17 17:19:42 -07:00
itsmevichu
d528be38bb Add postProcessor to Introspector Builder 
Closes gh-18623

Signed-off-by: itsmevichu <vishnutheep@gmail.com>
 2026-02-17 17:19:42 -07:00
Tran Ngoc Nhan
da0cd0bc68 Remove unused import 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00
Josh Cummings
410812c5bc Reduce Diff Size 
This commit reorders the originally changed boolean logic so that it returns
false early, as it did before. This allows the change to remain small and also
keeps the most complex logical statements outside of the if statement.

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-17 16:59:55 -07:00
Tran Ngoc Nhan
329d9e2dfd Revert code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-02-17 16:59:55 -07:00