Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-31 09:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,332 Commits 38 Branches 345 Tags
Commit Graph

11332 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Steve Riesenberg
15f525c614 Polish HttpSecurity 2022-07-29 17:42:20 -05:00
Steve Riesenberg
0c0c75ce22 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:42:20 -05:00
Steve Riesenberg
9861769b02 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:42:20 -05:00
Steve Riesenberg
02459919cc
Skip workflows on forks of spring-security 2022-07-28 15:13:56 -05:00
Steve Riesenberg
57d212ddca
Use cache and user.name system property on Windows 2022-07-28 15:13:55 -05:00
Steve Riesenberg
539b17f6da
Only run prerequisites job if on upstream repo 2022-07-28 15:13:54 -05:00
Steve Riesenberg
37e1ad27fe
Simplify dependency graph 2022-07-28 15:13:53 -05:00
Steve Riesenberg
043fdd6f03
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:13:52 -05:00
Steve Riesenberg
3234e05085
Polish gh-11367 2022-07-28 15:13:51 -05:00
naveen
f957e3c051
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:13:51 -05:00
Steve Riesenberg
24033be046
Skip workflows on forks of spring-security 2022-07-28 15:11:09 -05:00
Steve Riesenberg
47a5665767
Use cache and user.name system property on Windows 2022-07-28 15:11:08 -05:00
Steve Riesenberg
aad60cc6af
Only run prerequisites job if on upstream repo 2022-07-28 15:11:07 -05:00
Steve Riesenberg
13e94935ae
Simplify dependency graph 2022-07-28 15:11:06 -05:00
Steve Riesenberg
6c29007fac
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:11:05 -05:00
Steve Riesenberg
6ad567f0fa
Polish gh-11367 2022-07-28 15:11:05 -05:00
naveen
8c634f8a9d
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:11:04 -05:00
Steve Riesenberg
4fbbfd2c8b
Skip workflows on forks of spring-security 2022-07-28 15:07:02 -05:00
Steve Riesenberg
66da4301fc
Use cache and user.name system property on Windows 2022-07-28 15:07:02 -05:00
Steve Riesenberg
8929bd5abc
Only run prerequisites job if on upstream repo 2022-07-28 15:07:02 -05:00
Steve Riesenberg
e3d1405f67
Simplify dependency graph 2022-07-28 15:07:02 -05:00
Steve Riesenberg
e756a1df19
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:07:02 -05:00
Steve Riesenberg
81fae2db2c
Polish gh-11367 2022-07-28 15:07:01 -05:00
naveen
054a3f0bc0
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:07:00 -05:00
Steve Riesenberg
9d248c7185
Skip workflows on forks of spring-security 2022-07-28 14:17:42 -05:00
Steve Riesenberg
865bf23ecc
Use cache and user.name system property on Windows 2022-07-28 13:00:15 -05:00
Ulrich Grave
4393c2ea02
Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 18:04:39 -06:00
Ulrich Grave
409998a3fe Add hash-based Content-Security-Policy for SAML pages 
Closes gh-11631
 2022-07-27 17:59:42 -06:00
Steve Riesenberg
f86d30f4a1
Only run prerequisites job if on upstream repo 2022-07-27 16:01:16 -05:00
Steve Riesenberg
dc59d12405
Simplify dependency graph 2022-07-27 16:01:15 -05:00
Steve Riesenberg
bdeb32854e
Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-27 16:01:15 -05:00
Marcus Da Coregio
7f2c797086 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:56 -03:00
Marcus Da Coregio
e5ae35ab71 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:39:33 -03:00
Marcus Da Coregio
a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Marcus Da Coregio
d66ad22652 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:32:44 -03:00
Steve Riesenberg
a72c5a55db
Revert "Remove @Configuration from webflux config examples" 
This reverts commit aec9effb88f70151912971b2f8b05dc4a9afaa2f.
 2022-07-26 16:46:01 -05:00
Joshua Sattler
aec9effb88 Remove @Configuration from webflux config examples 2022-07-26 16:34:10 -05:00
Rob Winch
7a860e1568 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:26:31 -05:00
Rob Winch
ad9e737bf2 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:25:52 -05:00
Rob Winch
0d74da4f97 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:24:54 -05:00
Rob Winch
9fbe6b7731 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 15:49:52 -05:00
Desmond Silveira
0d3c3c676d
"Well-Know" should be "Well-Known" 2022-07-26 15:45:27 -05:00
Desmond Silveira
06aa3362dd
"Well-Know" should be "Well-Known" 2022-07-26 15:44:41 -05:00
Rob Winch
b6258fe1f9 Apply ArtifactoryPlugin in RootProjectPlugin 
Issue gh-10602
 2022-07-26 15:42:51 -05:00
Rob Winch
8aa6fbfed2 ArtifactoryPlugin only apply default publications for MavenPublishPlugin 
Issue gh-10602
 2022-07-26 15:42:51 -05:00
Rob Winch
e3ed6b3539 Update to build-info-extractor-gradle:4.29.0 
Issue gh-10602
 2022-07-26 15:42:50 -05:00
Desmond Silveira
3b9f5ac77b
"Well-Know" should be "Well-Known" 2022-07-26 15:41:38 -05:00
Desmond Silveira
2a336d4f49 "Well-Know" should be "Well-Known" 2022-07-26 15:41:05 -05:00
Steve Riesenberg
3f4efedd23
Polish gh-11367 2022-07-26 15:33:34 -05:00
naveen
8f93a7fc94
Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-07-26 15:33:33 -05:00