Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,225 Commits 32 Branches 333 Tags 110 MiB
Commit Graph

17225 Commits

Author SHA1 Message Date
Josh Cummings b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings e3cd4339b2
Add Serial Version 
Closes gh-16163
 2024-12-13 11:53:15 -07:00
Daniel Garnier-Moiroux fb954063bf Fix WebAuthnWebdriverTests 
Closes gh-16279
 2024-12-13 10:08:27 -06:00
Rob Winch 2a76a09552 Disable Flaky WebAuthnWebDriverTests 2024-12-12 22:21:36 -06:00
dependabot[bot] 809d8a84a3 Bump gradle/gradle-build-action from 2 to 3 
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 20:06:48 -08:00
Josh Cummings 7e83fd54aa
Add Test Saml 2.0 Test Objects 2024-12-12 18:12:11 -07:00
Josh Cummings 7592483654
Add Test to Report Missing serialVersionUID 
Issue gh-16276
 2024-12-12 18:12:11 -07:00
Josh Cummings f7b9b7228f
Include Classes Listed in Generator Map 
This allows testing of classes that are serializable,
but do not use Security's serialVersionUID.

Issue gh-16276
 2024-12-12 18:07:53 -07:00
Josh Cummings 82cc3ad5ec
Arrange Class Generators by Module 
Issue gh-16276
 2024-12-12 18:07:52 -07:00
Josh Cummings 47b5ab400a
Add 6.4.x Serialization Files 
Closes gh-16274
 2024-12-12 18:07:52 -07:00
dependabot[bot] 103a98ff9e Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.0...v6.2.1)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:31:16 -08:00
github-actions[bot] d290c5c205 Merge branch '6.3.x' 2024-12-12 21:25:03 +00:00
dependabot[bot] 3e43eda42b Bump org.springframework:spring-framework-bom from 6.1.15 to 6.1.16 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.15 to 6.1.16.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.15...v6.1.16)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:24:18 -08:00
dependabot[bot] 511bcc25f2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:16:34 -08:00
github-actions[bot] 3008ccc98e Merge branch '6.3.x' 2024-12-12 21:12:28 +00:00
dependabot[bot] e7d6dc22b2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:11:47 -08:00
Steve Riesenberg 180ac5497e
Remove exclusion that is no longer used 
Issue gh-16268
 2024-12-12 15:02:11 -06:00
Steve Riesenberg cb08e37d31
Remove 5.8.x and 6.2.x dependabot configuration 
Closes gh-16268
 2024-12-12 15:01:07 -06:00
Steve Riesenberg 49e7a3e65f
Revert "Include 5.8.x on Dependabot Auto Merge Forward" 
This reverts commit d5a0fa9134.

Closes gh-15770
 2024-12-12 14:50:12 -06:00
Yoshikazu Nojima ee1ede8b2d Update document regarding PublicKeyCredentialCreationOptions.attestation value 
Follow up for #16252
 2024-12-12 09:02:42 -06:00
Steve Riesenberg 682c40894e
Merge branch '6.3.x' 
Closes gh-16263
 2024-12-11 18:00:39 -06:00
Steve Riesenberg da06f6a9e6
Replace GRADLE_ENTERPRISE_SECRET_ACCESS_KEY with DEVELOCITY_ACCESS_KEY 
Closes gh-16262
 2024-12-11 18:00:31 -06:00
Yoshikazu Nojima d7d5253607 Change attestation in PublicKeyCredentialCreationOptions to none 
The attestation option in PublicKeyCredentialCreationOptions is a
parameter that controls whether to request attestation from the security key.
However, Spring Security Passkeys currently doesn't implement attestation verification.
Therefore, requesting attestation is unnecessary.
Specifying `direct` to request attestation may trigger browsers to
display additional privacy related dialog to users, so it is best to
avoid specifying `direct` unnecessarily.
 2024-12-11 17:18:18 -06:00
Daniel Garnier-Moiroux 99cc65d74c webauthn: add webdriver test 
- These tests verify the full end-to-end flow, including the javascript
  code bundled in the default login and logout pages. They require a full
  web browser, with support for Virtual Authenticators for automated testing.
  At this point in time, only Chrome supports virutal authenticators.
 2024-12-11 16:53:38 -06:00
Rob Winch cb4c7e5886 Merge branch '6.3.x' 
Closes gh-16261
 2024-12-11 15:48:18 -06:00
Rob Winch 6a0b683e60 StrictFirewallHttpRequest.buid returns StrictFirewallHttpRequest 
Closes gh-16069
 2024-12-11 15:46:31 -06:00
github-actions[bot] 99015300f2 Merge branch '6.3.x' 2024-12-11 03:27:07 +00:00
dependabot[bot] 2b6d586987 Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.12 to 2023.0.13.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.12...2023.0.13)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:26:18 -08:00
dependabot[bot] 74e1777349 Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.12 to 2023.0.13.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.12...2023.0.13)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:21:25 -08:00
dependabot[bot] 593211d2a9 Bump io.micrometer:micrometer-observation from 1.14.1 to 1.14.2 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.1 to 1.14.2.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.1...v1.14.2)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-10 19:20:52 -08:00
Josh Cummings 55ea78d441 Update GA Release Guidance 2024-12-10 20:08:19 -07:00
Josh Cummings a731af103e Polish 
Issue gh-16228
 2024-12-10 20:08:19 -07:00
Harpreet Singh d1a4fac520 Use Tabs for Maven and Gradle Snippets 
Closes gh-16228
 2024-12-10 20:08:19 -07:00
Josh Cummings 4cbaabb239 Added Testing 
Issue gh-16177
 2024-12-10 14:09:46 -07:00
DingHao f565b23b51 Restore Method Parameter Inheritance Support 
Closes gh-16177
 2024-12-10 14:09:46 -07:00
Tran Ngoc Nhan 40f8ac642a Fix Documentation Typos 2024-12-09 17:56:00 -07:00
Josh Cummings b168ec5f0d
Merge branch '6.3.x' 2024-12-09 15:27:18 -07:00
Josh Cummings 8d1b0d9764
Merge branch '6.2.x' into 6.3.x 2024-12-09 15:27:12 -07:00
Josh Cummings 2fe7faea87
Merge branch '5.8.x' into 6.2.x 2024-12-09 15:27:06 -07:00
Josh Cummings eb313ec901
Link to Messaging SpEL Migration Details 
Issue gh-12650
 2024-12-09 15:26:54 -07:00
Josh Cummings a18475c6cc
Merge branch '6.3.x' 2024-12-09 15:26:20 -07:00
Josh Cummings 7873ab8601
Merge branch '6.2.x' into 6.3.x 2024-12-09 15:26:04 -07:00
Josh Cummings 348f064df1
Merge branch '5.8.x' into 6.2.x 2024-12-09 15:25:50 -07:00
Josh Cummings 8b9fe13c88
Document Messaging SpEL Migration 
Issue gh-12650
 2024-12-09 15:25:33 -07:00
Josh Cummings aa85ebc65f
Remove Extraneous Field 
Issue gh-15678
 2024-12-09 08:00:22 -07:00
dependabot[bot] f613ff2285 Bump org.gretty:gretty from 4.1.5 to 4.1.6 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.5...v4.1.6)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-08 20:12:10 -08:00
github-actions[bot] 892bcbd958 Merge branch '6.3.x' 2024-12-09 03:34:11 +00:00
dependabot[bot] 1f7dcc0fa6 Bump org.gretty:gretty from 4.1.5 to 4.1.6 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.5...v4.1.6)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-08 19:33:25 -08:00
github-actions[bot] 7faf7ef9ec Merge branch '6.3.x' 2024-12-09 01:10:41 +00:00
dependabot[bot] 908b9b5a85 Bump antora from 3.2.0-alpha.6 to 3.2.0-alpha.8 in /docs 
Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.6 to 3.2.0-alpha.8.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.6...v3.2.0-alpha.8)

---
updated-dependencies:
- dependency-name: antora
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-08 17:10:14 -08:00