Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-03-01 02:49:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,235 Commits 36 Branches 337 Tags
Commit Graph

17235 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings
a5b0304596
Move AnyRequest Validation 
This will make way for other adding other checks

Issue gh-15982
 2024-12-13 18:24:57 -07:00
Josh Cummings
c1f5eb3192
Merge branch '6.4.x' 2024-12-13 18:24:39 -07:00
Josh Cummings
5ee1586a5a
Remove Unexposed Inner Classes from Serialization Test 
The following inner classes are used only internally by a non-Serializable component

Issue gh-16276
 2024-12-13 18:18:09 -07:00
Josh Cummings
9d02949fa9
Merge branch '6.4.x' 2024-12-13 16:58:17 -07:00
Josh Cummings
018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings
b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings
77f76f8465
Merge branch '6.4.x' 2024-12-13 11:53:51 -07:00
Josh Cummings
e3cd4339b2
Add Serial Version 
Closes gh-16163
 2024-12-13 11:53:15 -07:00
Rob Winch
a6354e5137 Merge branch '6.4.x' 
Closes gh-16283
 2024-12-13 10:10:21 -06:00
Daniel Garnier-Moiroux
fb954063bf Fix WebAuthnWebdriverTests 
Closes gh-16279
 2024-12-13 10:08:27 -06:00
Rob Winch
5a81a1fe66 Merge branch '6.4.x' 2024-12-12 22:21:44 -06:00
Rob Winch
2a76a09552 Disable Flaky WebAuthnWebDriverTests 2024-12-12 22:21:36 -06:00
github-actions[bot]
5f9b84a0ff Merge branch '6.4.x' 2024-12-13 04:07:33 +00:00
dependabot[bot]
809d8a84a3 Bump gradle/gradle-build-action from 2 to 3 
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 20:06:48 -08:00
Rob Winch
2fcd305509 Increment to 6.5.0-SNAPSHOT 
Closes gh-16221
 2024-12-12 21:47:11 -06:00
Josh Cummings
7e83fd54aa
Add Test Saml 2.0 Test Objects 2024-12-12 18:12:11 -07:00
Josh Cummings
7592483654
Add Test to Report Missing serialVersionUID 
Issue gh-16276
 2024-12-12 18:12:11 -07:00
Josh Cummings
f7b9b7228f
Include Classes Listed in Generator Map 
This allows testing of classes that are serializable,
but do not use Security's serialVersionUID.

Issue gh-16276
 2024-12-12 18:07:53 -07:00
Josh Cummings
82cc3ad5ec
Arrange Class Generators by Module 
Issue gh-16276
 2024-12-12 18:07:52 -07:00
Josh Cummings
47b5ab400a
Add 6.4.x Serialization Files 
Closes gh-16274
 2024-12-12 18:07:52 -07:00
dependabot[bot]
103a98ff9e Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.0...v6.2.1)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:31:16 -08:00
github-actions[bot]
d290c5c205 Merge branch '6.3.x' 2024-12-12 21:25:03 +00:00
dependabot[bot]
3e43eda42b Bump org.springframework:spring-framework-bom from 6.1.15 to 6.1.16 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.15 to 6.1.16.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.15...v6.1.16)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:24:18 -08:00
dependabot[bot]
511bcc25f2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:16:34 -08:00
github-actions[bot]
3008ccc98e Merge branch '6.3.x' 2024-12-12 21:12:28 +00:00
dependabot[bot]
e7d6dc22b2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:11:47 -08:00
Steve Riesenberg
180ac5497e
Remove exclusion that is no longer used 
Issue gh-16268
 2024-12-12 15:02:11 -06:00
Steve Riesenberg
cb08e37d31
Remove 5.8.x and 6.2.x dependabot configuration 
Closes gh-16268
 2024-12-12 15:01:07 -06:00
Steve Riesenberg
49e7a3e65f
Revert "Include 5.8.x on Dependabot Auto Merge Forward" 
This reverts commit d5a0fa91344bb7e61e5d292e905cd43df1e9a914.

Closes gh-15770
 2024-12-12 14:50:12 -06:00
Yoshikazu Nojima
ee1ede8b2d Update document regarding PublicKeyCredentialCreationOptions.attestation value 
Follow up for #16252
 2024-12-12 09:02:42 -06:00
Steve Riesenberg
682c40894e
Merge branch '6.3.x' 
Closes gh-16263
 2024-12-11 18:00:39 -06:00
Steve Riesenberg
da06f6a9e6
Replace GRADLE_ENTERPRISE_SECRET_ACCESS_KEY with DEVELOCITY_ACCESS_KEY 
Closes gh-16262
 2024-12-11 18:00:31 -06:00
Yoshikazu Nojima
d7d5253607 Change attestation in PublicKeyCredentialCreationOptions to none 
The attestation option in PublicKeyCredentialCreationOptions is a
parameter that controls whether to request attestation from the security key.
However, Spring Security Passkeys currently doesn't implement attestation verification.
Therefore, requesting attestation is unnecessary.
Specifying `direct` to request attestation may trigger browsers to
display additional privacy related dialog to users, so it is best to
avoid specifying `direct` unnecessarily.
 2024-12-11 17:18:18 -06:00
Daniel Garnier-Moiroux
99cc65d74c webauthn: add webdriver test 
- These tests verify the full end-to-end flow, including the javascript
  code bundled in the default login and logout pages. They require a full
  web browser, with support for Virtual Authenticators for automated testing.
  At this point in time, only Chrome supports virutal authenticators.
 2024-12-11 16:53:38 -06:00
Rob Winch
cb4c7e5886 Merge branch '6.3.x' 
Closes gh-16261
 2024-12-11 15:48:18 -06:00
Rob Winch
6a0b683e60 StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest 
Closes gh-16069
 2024-12-11 15:46:31 -06:00
github-actions[bot]
99015300f2 Merge branch '6.3.x' 2024-12-11 03:27:07 +00:00
dependabot[bot]
2b6d586987 Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.12 to 2023.0.13.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.12...2023.0.13)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:26:18 -08:00
dependabot[bot]
74e1777349 Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.12 to 2023.0.13.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.12...2023.0.13)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:21:25 -08:00
dependabot[bot]
593211d2a9 Bump io.micrometer:micrometer-observation from 1.14.1 to 1.14.2 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.1...v1.14.2)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:20:52 -08:00
Josh Cummings
55ea78d441 Update GA Release Guidance 2024-12-10 20:08:19 -07:00
Josh Cummings
a731af103e Polish 
Issue gh-16228
 2024-12-10 20:08:19 -07:00
Harpreet Singh
d1a4fac520 Use Tabs for Maven and Gradle Snippets 
Closes gh-16228
 2024-12-10 20:08:19 -07:00
Josh Cummings
4cbaabb239 Added Testing 
Issue gh-16177
 2024-12-10 14:09:46 -07:00
DingHao
f565b23b51 Restore Method Parameter Inheritance Support 
Closes gh-16177
 2024-12-10 14:09:46 -07:00
Tran Ngoc Nhan
40f8ac642a Fix Documentation Typos 2024-12-09 17:56:00 -07:00
Josh Cummings
b168ec5f0d
Merge branch '6.3.x' 2024-12-09 15:27:18 -07:00
Josh Cummings
8d1b0d9764
Merge branch '6.2.x' into 6.3.x 2024-12-09 15:27:12 -07:00
Josh Cummings
2fe7faea87
Merge branch '5.8.x' into 6.2.x 2024-12-09 15:27:06 -07:00
Josh Cummings
eb313ec901
Link to Messaging SpEL Migration Details 
Issue gh-12650
 2024-12-09 15:26:54 -07:00