Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-24 03:08:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,098 Commits 42 Branches 362 Tags
Commit Graph

19098 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
d5107dd752
Merge Add META-INF/LICENSE.txt to published jars 2025-07-29 10:55:43 -05:00
Rob Winch
a2e85dd187
Merge branch '6.5.x' 
Closes gh-17640
 2025-07-29 10:54:36 -05:00
Rob Winch
f6cb0bd610
Merge Use 2004-present Copyright Header 
The original merge into main did not apply the changes. This fixes it.
Closes gh-17635
 2025-07-29 10:52:42 -05:00
Rob Winch
731cdacb77
Merge branch '6.4.x' into 6.5.x 
Closes gh-17639
 2025-07-29 10:47:22 -05:00
Rob Winch
ead8ec6e35
Add META-INF/LICENSE.txt to published jars 
Closes gh-17638
 2025-07-29 10:46:51 -05:00
Josh Cummings
4775fe41db Merge branch '6.5.x' 2025-07-29 09:28:20 -06:00
Josh Cummings
a9fcec8b46 Merge branch '6.4.x' into 6.5.x 2025-07-29 09:27:47 -06:00
Josh Cummings
452d311a9b Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-07-29 09:27:23 -06:00
Bernie Schelberg
edcb3b024e Update Shibboleth repository URL 
Signed-off-by: Bernie Schelberg <bernard.schelberg@invicara.com>
 2025-07-29 09:26:42 -06:00
Rob Winch
116bee1303
Merge branch '6.5.x' 
Closes gh-17635
 2025-07-29 09:50:09 -05:00
Rob Winch
2fdca16c1a
Merge branch '6.4.x' into 6.5.x 
Closes gh-17634
 2025-07-29 09:47:52 -05:00
Rob Winch
392129b616
Use 2004-present Copyright Header 
The Spring portfolio is changing to use <inception-year>-present in
the copyright headers to simplify keeping headers up to date. This
commit updates the headers and the checkstyle accordingly.

The commit updated etc/checkstyle/header.txt

It also updated the copyright headers using the following find/replace:

Find: (Copyright \d{4})\s*(\-\d{4})? the original author or authors.
Replace: Copyright 2004-present the original author or authors.

Closes gh-17633
 2025-07-29 09:45:23 -05:00
Rob Winch
bf877a9864
Add OAuth2User to OidcUser Conversion Params 
Previously the Oidc(Reactive)OAuth2UserService APIs allowed a strategy
for converting to the OidcUser with the OidcUserRequest and OidcUserInfo.
The input should also include the OAuth2User to make
it simple to use the OAuth2User as a part of the conversion.

This commit introduces OidcUserSource as a POJO containing
OidcUserRequest, OidcUserInfo, and OAuth2User.

It then updates the OidcUser conversion strategy in OidcUserService and
OidcReactiveOAuth2UserService to accept OidcUserSource as the source for
the Converter used to create OidUser.

Closes gh-17626
 2025-07-25 09:09:24 -05:00
Rob Winch
34742c9743
Reapply "Move webauthn runtimehints to spring-security-webauthn" 
This reverts commit 9489ab48abcbd192d87e5535f2459804d9826a80.
 2025-07-23 13:32:34 -05:00
Rob Winch
4ffec6dcdd
Merge branch '6.5.x' 2025-07-23 09:42:57 -05:00
Rob Winch
8ab36cdf13
Merge branch '6.4.x' into 6.5.x 2025-07-23 09:42:49 -05:00
Rob Winch
c85aa61118
Bump org.gretty:gretty from 4.1.6 to 4.1.7 2025-07-23 09:41:51 -05:00
Rob Winch
4503947faa
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:41:49 -05:00
Rob Winch
d58b068098
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2 2025-07-23 09:41:46 -05:00
Rob Winch
6bdab77302
Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 2025-07-23 09:41:44 -05:00
Rob Winch
7f25f67dd0
Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.1 to 0.0.2 2025-07-23 09:41:41 -05:00
Rob Winch
fc9696794b
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-23 09:40:53 -05:00
Rob Winch
3cc74ff8bc
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-23 09:40:51 -05:00
Rob Winch
d0033739e8
Bump org.gretty:gretty from 4.1.6 to 4.1.7 2025-07-23 09:40:48 -05:00
Rob Winch
ba5d3158db
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:40:46 -05:00
Rob Winch
1e9eeebcef
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-23 09:40:43 -05:00
Rob Winch
26600dab01
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 2025-07-23 09:39:47 -05:00
Rob Winch
bb279c166e
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 2025-07-23 09:39:44 -05:00
Rob Winch
95c5851fbb
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 2025-07-23 09:39:42 -05:00
Rob Winch
d5bde7f3ec
Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 2025-07-23 09:39:39 -05:00
Rob Winch
f32e1eb265
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 2025-07-23 09:39:34 -05:00
Rob Winch
9489ab48ab
Revert "Move webauthn runtimehints to spring-security-webauthn" 
This reverts commit fe411896af5ae5d5b50babfa292152335a3bf193.
 2025-07-23 09:22:47 -05:00
Rob Winch
fe411896af
Move webauthn runtimehints to spring-security-webauthn 
Issue gh-17586
 2025-07-23 09:20:39 -05:00
dependabot[bot]
79f107de76
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:22 +00:00
dependabot[bot]
0d1b73e291
Bump io.spring.gradle:spring-security-release-plugin 
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:13 +00:00
dependabot[bot]
dbd2ea2992
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:09 +00:00
dependabot[bot]
ec867129a8
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:49:07 +00:00
dependabot[bot]
0d434ee351
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:57 +00:00
dependabot[bot]
2d55fd5621
Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.8 to 1.14.9.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.8...v1.14.9)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:46 +00:00
dependabot[bot]
e11e8fe414
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:41 +00:00
dependabot[bot]
7432554fa8
Bump org.gretty:gretty from 4.1.6 to 4.1.7 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:30 +00:00
dependabot[bot]
ff0b8f0138
Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.8 to 6.2.9.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.8...v6.2.9)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:20 +00:00
dependabot[bot]
9300146b99
Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 
Bumps org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11.

---
updated-dependencies:
- dependency-name: org.apache.maven:maven-resolver-provider
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:48:04 +00:00
dependabot[bot]
176c3b8457
Bump io.spring.nullability:io.spring.nullability.gradle.plugin 
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.1 to 0.0.2.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.1...v0.0.2)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:26:45 +00:00
dependabot[bot]
7e1a92b091
Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.23 to 0.0.24.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.23...v0.0.24)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:26:41 +00:00
dependabot[bot]
48533ede45
Bump com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.19.2 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.19.1 to 2.19.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.19.1...jackson-bom-2.19.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:26:22 +00:00
dependabot[bot]
614763041e
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.6 to 1.0.10.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.6...v1.0.10)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:26:09 +00:00
dependabot[bot]
b672aae640
Bump org.gretty:gretty from 4.1.6 to 4.1.7 
Bumps [org.gretty:gretty](https://github.com/gretty-gradle-plugin/gretty) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/gretty-gradle-plugin/gretty/releases)
- [Changelog](https://github.com/gretty-gradle-plugin/gretty/blob/master/changes.md)
- [Commits](https://github.com/gretty-gradle-plugin/gretty/compare/v4.1.6...v4.1.7)

---
updated-dependencies:
- dependency-name: org.gretty:gretty
  dependency-version: 4.1.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-23 03:26:06 +00:00
Rob Winch
79cd982341
Extract spring-security-webauthn 
Closes gh-17586
 2025-07-22 17:18:38 -05:00
Rob Winch
7c887d2da1
Add nullability to spring-security-core 
Closes gh-17534
 2025-07-22 16:29:13 -05:00