Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-01-18 12:27:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,996 Commits 46 Branches 369 Tags
Commit Graph

19996 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefano Cordio
a612522ecd Add nullability contract to PasswordEncoder#encode 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-01-12 16:28:22 -06:00
Robert Winch
fe138d6434
Merge branch '7.0.x' 2026-01-12 16:05:51 -06:00
Robert Winch
7fcbf642b8
Use project.artifactory(Username|Password) 2026-01-12 16:05:38 -06:00
Robert Winch
a32d9f04e3
Revert "Use project.artifactory(Username|Password)" 
This reverts commit 9c449000dc0508457d0e4392a46e8ca731ada0fa.
 2026-01-12 16:04:56 -06:00
Robert Winch
93ae52aa58
Merge branch '7.0.x' 2026-01-12 15:48:57 -06:00
Robert Winch
9c449000dc
Use project.artifactory(Username|Password) 2026-01-12 15:48:47 -06:00
Robert Winch
43fe5f6b46
Fix update-antora-ui-spring.yml 2026-01-12 14:37:34 -06:00
Robert Winch
f47f81351e
Merge branch '7.0.x' 2026-01-12 14:32:23 -06:00
Robert Winch
63c99b9438
Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3009940229239b4b442fe902acf4fba.
 2026-01-12 14:31:57 -06:00
paulvas
0d47870928 Fix: migrate compiler-warnings-error plugin to gradle 
Fixes: gh-18434
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
paulvas
da4362111a Fix: Enforce compiler warnings in oauth2-core 
To prevent future compiler warnings from being introduced, this change
applies the `compile-warnings-error` plugin to the
`spring-security-oauth2-core` module.

This ensures that any new warnings will fail the build, maintaining
code quality and preventing warning accumulation.

Fixes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Pavel Vassiliev
1ddccd8a39 Fix spring-security-oauth2-core compiler warnings 
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Robert Winch
2825aa3ff1
Merge branch '7.0.x' 
Closes gh-18485
 2026-01-12 13:44:13 -06:00
Pavel Vassiliev
641d8a362b Fix Gradle 9.0 deprecations 
This commit addresses several build warnings and errors to prepare for
Gradle 9.0 and resolve static analysis issues.
Closes: gh-18472
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
 2026-01-12 13:43:16 -06:00
Robert Winch
ec06f08bb6
Merge branch '7.0.x' 2026-01-12 13:38:52 -06:00
Andrey Litvitski
13f6286e04 Use DefaultParameterNameDiscoverer#getSharedInstance 
Closes: gh-18330

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-01-12 13:37:32 -06:00
Robert Winch
b77ea8d3a3 Update to 7.1.0-SNAPSHOT 2026-01-12 13:37:32 -06:00
rigu1
0a6883c586 Fix Javadoc warnings in spring-security-web 
* Use <code> tags for external references in DelegatingMissingAuthorityAccessDeniedHandler and SwitchUserWebFilter
* Fix typo in SessionAuthenticationException
* Apply javadoc-warnings-error plugin

Closes gh-18468

Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
rigu1
c07a2e57bd Add javadoc-warnings-error build plugin 
Signed-off-by: rigu1 <dlsrbtla@gmail.com>
 2026-01-12 13:24:47 -06:00
Robert Winch
5a7d93ee3b
Merge branch '7.0.x' 
Closes gh-18471
 2026-01-09 16:55:02 -06:00
Fr05ty-hub
e9a92a8e9a Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but is referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Fr05ty-hub
ed774d3595 Replacing use of deprecated 'check' in authorization documentation 
check() was deprecated in Spring Security 7, but was referenced in documentation

Signed-off-by: Fr05ty-hub <frostylucas@gmail.com>
 2026-01-09 15:27:00 -06:00
Robert Winch
a3b57c470f
Merge branch '7.0.x' 2026-01-09 15:25:02 -06:00
Robert Winch
eb5cc89c69
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:24:51 -06:00
Robert Winch
d1a32b4b62
Merge branch '7.0.x' 2026-01-09 15:23:29 -06:00
Robert Winch
d6f8a2e928
Merge branch '6.5.x' into 7.0.x 2026-01-09 15:23:06 -06:00
Robert Winch
6a47b5d573
Merge branch '6.4.x' into 6.5.x 2026-01-09 15:22:39 -06:00
github-actions[bot]
e588a3528f Update Antora Spring UI to v0.4.25 2026-01-09 15:22:22 -06:00
github-actions[bot]
7ea5be4b98 Update Antora Spring UI to v0.4.25 2026-01-09 15:21:48 -06:00
Robert Winch
3833650d33
Update to 7.1.0-SNAPSHOT 2026-01-09 10:32:03 -06:00
Robert Winch
2344fe5ebb Use proper xref syntax 
Incldue the required resource id and required # of the fragment.

See

- https://docs.antora.org/antora/latest/page/xref/#xref-macro
- https://docs.antora.org/antora/latest/page/resource-id-coordinates/#id-resource
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
ba18f681e5 Use xref anchor id 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Tran Ngoc Nhan
3d9bc6a5cf Update mfa.adoc 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-09 09:21:02 -06:00
Martin Boulais
1d8ea63a9e Fix typo in HTTP Basic Auth Provider documentation 
The documentation states that setting the header `X-Requested-By` will remove the `WWW-Authenticate` header from the response.
However, after testing this and reading the library code it looks like the header to set is `X-Requested-With` (X-Requested-By is mentioned nowhere except in this documentation file), so I propose this simple PR to fix this.

Signed-off-by: Martin Boulais <31805063+martinboulais@users.noreply.github.com>
 2026-01-08 13:59:34 -06:00
Tran Ngoc Nhan
d20c88ecef Format code 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Tran Ngoc Nhan
79815e044e Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-08 13:35:43 -06:00
Rob Winch
04bba36ee5
Update supported branches in workflow file 
Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2026-01-08 13:05:45 -06:00
Robert Winch
5bb99b654f
Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.5.2 2026-01-08 13:02:42 -06:00
Robert Winch
37c15f3b81
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:02:37 -06:00
Robert Winch
0b4dcc4328
Bump org.junit:junit-bom from 6.0.1 to 6.0.2 2026-01-08 13:02:32 -06:00
Robert Winch
c09549970f
Merge branch '6.5.x' 2026-01-08 13:01:08 -06:00
Robert Winch
e7ba153d5d
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 13:00:49 -06:00
Robert Winch
05518f3402
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 13:00:44 -06:00
Robert Winch
ffa2c195d8
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 2026-01-08 13:00:40 -06:00
Robert Winch
8901fe3d04
Merge branch '6.5.x' 2026-01-08 12:59:07 -06:00
Robert Winch
e1256d1d2f
Merge branch '6.4.x' into 6.5.x 2026-01-08 12:58:55 -06:00
Robert Winch
334df75c39
Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final 2026-01-08 12:58:34 -06:00
Robert Winch
11b601159d
Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 2026-01-08 12:58:25 -06:00
dependabot[bot]
c77f42e80f
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:27:07 +00:00
dependabot[bot]
8521b7d5a6
Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.22 to 1.5.24.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.22...v_1.5.24)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 03:21:38 +00:00