Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-01 10:59:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
16,546 Commits 36 Branches 337 Tags
Commit Graph

16546 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
561c786726
Repair Flaky Tests 
The issue turned out to be that OpenSAML first sends two HEAD
requests before sending a GET to retrieve the metadata. The way
the MockWebServer dispatcher was configured, it would send back
the metadata on each request. This created a situation where sockets
were being closed by the client before the server had sent all the
response, resulting in a broken pipe.

The tests would succeed most of the time due to lucky timing between
the client closing the socket and the server having sent all of its
(unrequested) data.

This version sends an expected HEAD response when requested.

Issue gh-15395
 2024-08-23 15:55:56 -06:00
dependabot[bot]
e90a6b66fe Bump com.gradle.develocity from 3.17.6 to 3.18 
Bumps com.gradle.develocity from 3.17.6 to 3.18.

---
updated-dependencies:
- dependency-name: com.gradle.develocity
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-22 20:17:45 -07:00
Josh Cummings
4635dabf87
Merge branch '6.3.x' 2024-08-22 19:44:55 -06:00
Josh Cummings
d134b0a4f4
Merge branch '6.2.x' into 6.3.x 
Closes gh-15681
 2024-08-22 19:44:40 -06:00
Josh Cummings
a3b88a8d4b
Enable Runtime Method Parameter Reflection 
Several method security tests rely on method parameters
being preserved, in order to demonstrate the difference
between relying on runtime reflection and using the @P
annotation.

Closes gh-15680
 2024-08-22 19:44:11 -06:00
Josh Cummings
dff3780c5e
Merge branch '6.3.x' 2024-08-22 12:38:17 -06:00
Josh Cummings
4c0d969f1f
Merge branch '6.2.x' into 6.3.x 
Closes gh-15676
 2024-08-22 12:37:45 -06:00
Josh Cummings
3ee5a96e53
Merge branch '5.8.x' into 6.2.x 
Closes gh-15675
 2024-08-22 12:24:56 -06:00
Steve Riesenberg
8318a42959
Update What's New for 6.4 
Issue gh-15437
 2024-08-22 13:12:33 -05:00
Josh Cummings
5c604b95fb
Correct PostFilterAuthorizationMethodInterceptor Target Type 
Previously, `postFilterAuthorizationMethodInterceptor` mistakenly
was published as an `Advisor`. Because `MethodSecurityAdvisorRegistrar`
re-publishes each pre/post annotation interceptor also as an `Advisor`,
this resulted in a duplicate advisor for `@PostFilter`.

Closes gh-15651
 2024-08-22 12:10:25 -06:00
dependabot[bot]
09785a3845 Bump org-eclipse-jetty from 11.0.22 to 11.0.23 
Bumps `org-eclipse-jetty` from 11.0.22 to 11.0.23.

Updates `org.eclipse.jetty:jetty-server` from 11.0.22 to 11.0.23

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.22 to 11.0.23

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-22 10:55:48 -07:00
Steve Riesenberg
fd991aaf9e
Revert "Bump com.gradle.develocity from 3.17.6 to 3.18" 
This reverts commit 430874c6
 2024-08-22 11:16:59 -05:00
Marcus Hert Da Coregio
1531acd2a8 Merge branch '6.3.x' 2024-08-22 11:07:05 -03:00
Marcus Hert Da Coregio
548e1c3649 Revert "Log command for debugging" 
This reverts commit f1802be73a40475461576a4265a650d0ea356d0b.
 2024-08-22 11:06:59 -03:00
Marcus Hert Da Coregio
9791801bc6 Merge branch '6.2.x' into 6.3.x 2024-08-22 11:06:43 -03:00
Marcus Hert Da Coregio
c06543daf3 Merge branch '5.8.x' into 6.2.x 2024-08-22 11:06:19 -03:00
github-actions[bot]
037ccecdaa Next development version 2024-08-22 13:53:46 +00:00
github-actions[bot]
de8dbf9560 Release 6.4.0-M3 6.4.0-M3 2024-08-22 13:23:02 +00:00
Marcus Hert Da Coregio
e92a945a2d Replace Env Variable with Expression 
Issue gh-15659
 2024-08-22 10:17:55 -03:00
github-actions[bot]
596ab18adb Merge branch '6.3.x' 2024-08-22 03:26:59 +00:00
dependabot[bot]
a203ab9651 Bump org.jfrog.buildinfo:build-info-extractor-gradle 
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.33.20 to 4.33.21.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.33.20...build-info-gradle-extractor-4.33.21)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-21 20:26:09 -07:00
dependabot[bot]
d8735d3148 Bump org.jfrog.buildinfo:build-info-extractor-gradle 
Bumps [org.jfrog.buildinfo:build-info-extractor-gradle](https://github.com/jfrog/build-info) from 4.33.20 to 4.33.21.
- [Release notes](https://github.com/jfrog/build-info/releases)
- [Changelog](https://github.com/jfrog/build-info/blob/master/RELEASE.md)
- [Commits](https://github.com/jfrog/build-info/compare/build-info-gradle-extractor-4.33.20...build-info-gradle-extractor-4.33.21)

---
updated-dependencies:
- dependency-name: org.jfrog.buildinfo:build-info-extractor-gradle
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-21 20:21:46 -07:00
Josh Cummings
06febf7857
Update What's New 2024-08-21 18:19:18 -06:00
Steve Riesenberg
5c71e0e3d7
Migrate to io.spring.develocity.conventions plugin 
Closes gh-15670
 2024-08-21 17:16:52 -05:00
Steve Riesenberg
eba0c0f20c
Merge branch '6.3.x' 
Closes gh-15669
 2024-08-21 16:22:17 -05:00
Steve Riesenberg
fc01ebb995
Merge branch '6.2.x' into 6.3.x 
Closes gh-15668
 2024-08-21 16:21:17 -05:00
Steve Riesenberg
ea24449411
Merge branch '6.3.x' 2024-08-21 16:20:53 -05:00
Steve Riesenberg
fb054198af
Migrate slack notifications to GChat (2nd attempt) 
Closes gh-15667
 2024-08-21 16:16:50 -05:00
Steve Riesenberg
035f86bdb3
Merge branch '5.8.x' into 6.2.x 
Closes gh-15667
 2024-08-21 15:45:39 -05:00
Steve Riesenberg
92809cef01
Migrate slack notifications to GChat (2nd attempt) 
Closes gh-15503
 2024-08-21 15:44:44 -05:00
github-actions[bot]
7e372c780d Next development version 2024-08-21 16:26:56 +00:00
github-actions[bot]
868c07af72 Release 6.3.3 6.3.3 2024-08-21 15:55:49 +00:00
Marcus Hert Da Coregio
229a8d2fad Remove unused imports 2024-08-21 08:31:11 -03:00
github-actions[bot]
1a48b38941 Merge branch '6.3.x' 2024-08-21 04:09:18 +00:00
dependabot[bot]
a68851fca3 Bump org-eclipse-jetty from 11.0.22 to 11.0.23 
Bumps `org-eclipse-jetty` from 11.0.22 to 11.0.23.

Updates `org.eclipse.jetty:jetty-server` from 11.0.22 to 11.0.23

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.22 to 11.0.23

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-20 21:08:31 -07:00
github-actions[bot]
18592db851 Merge branch '6.3.x' 2024-08-21 04:02:50 +00:00
github-actions[bot]
bf2c1a5979 Merge branch '6.2.x' into 6.3.x 2024-08-21 04:02:50 +00:00
dependabot[bot]
439b797eb8 Bump org-eclipse-jetty from 11.0.22 to 11.0.23 
Bumps `org-eclipse-jetty` from 11.0.22 to 11.0.23.

Updates `org.eclipse.jetty:jetty-server` from 11.0.22 to 11.0.23

Updates `org.eclipse.jetty:jetty-servlet` from 11.0.22 to 11.0.23

---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-server
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-20 21:02:01 -07:00
Josh Cummings
d7138cdb67
Repair Flaky Tests 
The error between MockWebServer and OpenSAML still happens on
occasion. This commit uses MockWebServer's default queue dispatcher
to remove any customization that might be contributing to
the flakiness.

Issue gh-15395
 2024-08-20 17:58:56 -06:00
Josh Cummings
1118b0ec63
Defer Sorting AuthorizationAdvisors in addAdvisor 
Issue gh-15658
 2024-08-20 17:23:10 -06:00
Josh Cummings
4da13f6091
Merge branch '6.3.x' 2024-08-20 16:47:48 -06:00
Josh Cummings
0cab7c8f15
Defer Sorting AuthorizationAdvisors 
Invoking AnnotationAwareOrderComparator#sort while the
AuthorizationAdvisors are still being computed causes those
advisors to be eagerly instantiated, making components
like ObservationRegistry ineligible for post processing.

This commit defers the sorting of the advisors until
after they are all fully instantiated and available in
the application context.

Closes gh-15658
 2024-08-20 16:47:29 -06:00
Marcus Hert Da Coregio
f1802be73a Log command for debugging 
Issue gh-15659
 2024-08-20 13:56:29 -03:00
Marcus Hert Da Coregio
df0cdd10f6 Merge branch '6.3.x' 2024-08-20 09:41:11 -03:00
Marcus Hert Da Coregio
8272640c7c Merge branch '6.2.x' into 6.3.x 2024-08-20 09:41:05 -03:00
github-actions[bot]
f4585d8e4a Bump Gradle Wrapper from 8.7 to 8.10 2024-08-20 09:40:53 -03:00
Marcus Hert Da Coregio
b6888a4837 Merge branch '6.3.x' 2024-08-20 09:23:02 -03:00
Marcus Hert Da Coregio
300c8d7913 Merge branch '6.2.x' into 6.3.x 2024-08-20 09:22:56 -03:00
Marcus Hert Da Coregio
83eceea58f Merge branch '5.8.x' into 6.2.x 2024-08-20 09:22:51 -03:00
dependabot[bot]
430874c693 Bump com.gradle.develocity from 3.17.6 to 3.18 
Bumps com.gradle.develocity from 3.17.6 to 3.18.

---
updated-dependencies:
- dependency-name: com.gradle.develocity
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 21:14:04 -07:00