Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2026-02-08 14:34:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,208 Commits 50 Branches 370 Tags
Commit Graph

20208 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Winch
b92f4e7ed2
Merge branch '7.0.x' 2026-02-06 09:01:24 -06:00
dependabot[bot]
4f8fcea4de
Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
659aedbe96
Bump org.springframework:spring-framework-bom 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/commits)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.4-SNAPSHOT
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
d589707385
Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
4734af6856
Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.3...jackson-bom-3.0.4)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot]
ac09b73725
Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.1 to 2.20.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.20.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
Robert Winch
9dff826c9f
Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.40.0 2026-02-06 08:59:12 -06:00
Robert Winch
ee2702254e
Bump org.mockito:mockito-bom from 5.17.0 to 5.21.0 2026-02-06 08:57:05 -06:00
Robert Winch
f0ad037099
Bump org.seleniumhq.selenium:htmlunit3-driver from 4.30.0 to 4.40.0 2026-02-06 08:56:59 -06:00
Robert Winch
8d426bd28f
Bump org-bouncycastle from 1.80 to 1.83 2026-02-06 08:56:53 -06:00
dependabot[bot]
a8a859ec0e
Bump io.freefair.gradle:aspectj-plugin from 8.13.1 to 8.14.4 
Bumps [io.freefair.gradle:aspectj-plugin](https://github.com/freefair/gradle-plugins) from 8.13.1 to 8.14.4.
- [Release notes](https://github.com/freefair/gradle-plugins/releases)
- [Commits](https://github.com/freefair/gradle-plugins/compare/8.13.1...8.14.4)

---
updated-dependencies:
- dependency-name: io.freefair.gradle:aspectj-plugin
  dependency-version: 8.14.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 03:05:22 +00:00
dependabot[bot]
d467da7717
Bump org-bouncycastle from 1.80 to 1.83 
Bumps `org-bouncycastle` from 1.80 to 1.83.

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.80 to 1.83
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `org.bouncycastle:bcprov-jdk18on` from 1.80 to 1.83
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-version: '1.83'
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.bouncycastle:bcprov-jdk18on
  dependency-version: '1.83'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 03:04:58 +00:00
dependabot[bot]
55ef3ce477
Bump org.seleniumhq.selenium:htmlunit3-driver from 4.30.0 to 4.40.0 
Bumps [org.seleniumhq.selenium:htmlunit3-driver](https://github.com/SeleniumHQ/htmlunit-driver) from 4.30.0 to 4.40.0.
- [Release notes](https://github.com/SeleniumHQ/htmlunit-driver/releases)
- [Commits](https://github.com/SeleniumHQ/htmlunit-driver/compare/4.30.0...4.40.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:htmlunit3-driver
  dependency-version: 4.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 03:04:46 +00:00
dependabot[bot]
bbb6f499c9
Bump org.mockito:mockito-bom from 5.17.0 to 5.21.0 
Bumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from 5.17.0 to 5.21.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.17.0...v5.21.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-bom
  dependency-version: 5.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 03:04:41 +00:00
arianna
3386e077e6 Fix typos in SAML 2.0 Documentation 
- Fix wrong docs link in Servlet - SAML2 Log In Overview
- Fix examples in Servlet - SAML2 Authentication Responses
- Fix examples in Servlet - SAML2 Logout

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
10490a7b92 Fix typos in OAuth 2.0 Resource Server 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
f1e742dfc5 Fix typos in Authorization Documentation 
Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
arianna
8e9480545e Fix issue reports 
Closes gh-18376

Signed-off-by: arianna <arianna.comi03@gmail.com>
 2026-02-05 17:35:25 -07:00
dependabot[bot]
0eb5d8f356 Bump io.spring.nullability:io.spring.nullability.gradle.plugin 
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.10 to 0.0.11.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.10...v0.0.11)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:27:40 -07:00
dependabot[bot]
3e238af024 Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.26 to 1.5.27.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:26:49 -07:00
dependabot[bot]
29ed4dd724 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](e28269199d...415e2b11a7)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:25:46 -07:00
dependabot[bot]
218b13884f Bump org.apache.httpcomponents.client5:httpclient5 from 5.5.2 to 5.6 
Bumps [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) from 5.5.2 to 5.6.
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](https://github.com/apache/httpcomponents-client/compare/rel/v5.5.2...rel/v5.6)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:24:39 -07:00
Josh Cummings
fc2fd63793
Merge branch '7.0.x' 2026-02-05 17:23:08 -07:00
Vincent Stradiot
075c48c0d8 Fix typo in documentation 
Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>
 2026-02-05 17:22:43 -07:00
DingHao
199473fcb3 Ability to configure authenticationDetailsSource in AnonymousConfigurer 
Closes gh-17831

Signed-off-by: DingHao <dh.hiekn@gmail.com>
 2026-02-05 17:19:03 -07:00
Bae Jihong
7903ad93c0 Fix compiler warnings in spring-security-acl 
- Use asSubclass() in AclClassIdUtils to avoid a unchecked cast warning
- Replace raw Map type with Map<?, ?> unbounded wildcard to avoid raw type warnings
- Use ArgumentMatchers to avoid a unchecked cast warning
- Suppress an unavoidable unchecked warning in reflection-based test code

Closes gh-18413

Signed-off-by: Bae Jihong <dasog@naver.com>
 2026-02-05 18:01:30 -06:00
dependabot[bot]
fe65ef2626 Bump org-opensaml5 from 5.1.6 to 5.2.0 
Bumps `org-opensaml5` from 5.1.6 to 5.2.0.

Updates `org.opensaml:opensaml-saml-api` from 5.1.6 to 5.2.0

Updates `org.opensaml:opensaml-saml-impl` from 5.1.6 to 5.2.0

---
updated-dependencies:
- dependency-name: org.opensaml:opensaml-saml-api
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.opensaml:opensaml-saml-impl
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:00:40 -07:00
Josh Cummings
2af6e1cf92
Merge branch '7.0.x' 2026-02-05 16:58:23 -07:00
Josh Cummings
31090f7a18
Merge branch '6.5.x' into 7.0.x 2026-02-05 16:58:16 -07:00
Josh Cummings
447e76bd06
Update to actions/checkout 6.0.2 2026-02-05 16:57:30 -07:00
dependabot[bot]
e535803cc2
Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.40.0 
Bumps [org.seleniumhq.selenium:selenium-java](https://github.com/SeleniumHQ/selenium) from 4.31.0 to 4.40.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.31.0...selenium-4.40.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-version: 4.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:46:24 +00:00
Josh Cummings
eeb080a191
Remove Branch Ecosystem Declarations 
These may have been added in error. Removing until it's clear
if they are needed

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 16:45:16 -07:00
Josh Cummings
b8c6b9fbff
Add directory attribute 
Issue gh-18648
 2026-02-05 16:37:27 -07:00
Josh Cummings
3cf0a1ccb7
Use Dependabot for GitHub Actions 
Closes gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:42 -07:00
Josh Cummings
c2f0f7b6ab
Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:16 -07:00
Josh Cummings
8cd2f36e84
Merge branch '7.0.x' 2026-02-05 14:45:09 -07:00
Josh Cummings
41e7af70b5
Merge branch '6.5.x' into 7.0.x 2026-02-05 13:46:21 -07:00
Josh Cummings
46a9514420
Update to setup-gradle 5.0.1 
note that gradle/gradle-build-action is superceded by
setup-gradle.

Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:02 -07:00
Josh Cummings
8432df498e
Update upload-artifact to 6.0.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:00 -07:00
Josh Cummings
63162eb5f1
Update to setup-java 5.2.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:56 -07:00
Josh Cummings
5c3b8c513b
Update spring-gradle-build-action to 2.0.5 
Issue gh-18648
 2026-02-05 13:43:11 -07:00
Josh Cummings
d276c943fc
Update actions/checkout to 6.0.2 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:06 -07:00
Josh Cummings
18d9dd77ec
Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:42:22 -07:00
Joe Grandja
517bc7cb65 Polish gh-18614 2026-02-05 15:32:47 -05:00
Elayne Bloom
a2d407518c Document ClientSettings 
Added documentation to describe the possible client configuration options when setting up an Oauth2 Authorization Server.

Closes gh-18614

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-05 15:32:46 -05:00
Josh Cummings
001d9df5ca
Remove Nullability Checkstyle Suppressions for saml2 
Issue gh-17823
 2026-02-05 13:13:25 -07:00
Josh Cummings
818a7831dd
Add Nullability to opensaml5Main Source Set 
Issue gh-17823

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:13:23 -07:00
Joe Grandja
0eba9de7d4 Merge branch '7.0.x' 2026-02-05 04:55:34 -05:00
Joe Grandja
d3c42a7a4f Polish OAuth2ConfigurerUtils 2026-02-05 04:52:02 -05:00
Joe Grandja
e61c03f7c3 Fix to allow multiple PasswordEncoder beans 
Closes gh-18645
 2026-02-05 04:51:51 -05:00