Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-12-28 11:00:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,968 Commits 54 Branches 369 Tags
Commit Graph

18968 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
e6a4ee03ff
Bump org.springframework:spring-framework-bom from 6.2.13 to 6.2.14 2025-11-21 09:56:29 -06:00
Rob Winch
5cd3f535cf
Merge branch '6.4.x' into 6.5.x 2025-11-21 09:56:08 -06:00
Rob Winch
8ecc4a9157
Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final 2025-11-21 09:55:00 -06:00
Rob Winch
af33ace82f
Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 2025-11-21 09:54:58 -06:00
dependabot[bot]
7a614a535e
Bump org.springframework:spring-framework-bom from 6.2.13 to 6.2.14 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.13 to 6.2.14.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.13...v6.2.14)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 03:17:48 +00:00
dependabot[bot]
ddebff043d
Bump org.springframework:spring-framework-bom from 6.2.13 to 6.2.14 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.13 to 6.2.14.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.13...v6.2.14)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 03:13:00 +00:00
Josh Cummings
a79354ead9
Merge branch '6.4.x' into 6.5.x 2025-11-19 15:25:48 -07:00
Josh Cummings
29c63bee69
Stop Deploying JavaDoc Outside of Antora 
Closes gh-18198
 2025-11-19 15:23:50 -07:00
dependabot[bot]
944322932a
Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.20 to 1.5.21.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.20...v_1.5.21)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-18 03:15:36 +00:00
dependabot[bot]
affa36b9bb
Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.34.Final to 6.6.36.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.36/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.34...6.6.36)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.36.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-18 03:15:13 +00:00
github-actions[bot]
4825680eb9 Next development version 2025-11-17 17:46:38 +00:00
github-actions[bot]
9ff2d96088 Next development version 2025-11-17 17:36:38 +00:00
github-actions[bot]
644901fed5 Release 6.4.13 6.4.13 2025-11-17 17:05:12 +00:00
github-actions[bot]
e5a379cc91 Release 6.5.7 6.5.7 2025-11-17 17:04:45 +00:00
Rob Winch
7ad28772bc
Update to Spring Data 2024.1.12 
Closes gh-18182
 2025-11-17 10:31:45 -06:00
Rob Winch
2678925c21
Update to Reactor 2024.0.12 
This aligns with Spring Framework's version.

Closes gh-18181
 2025-11-17 10:30:45 -06:00
Rob Winch
87472c9ab4
Update to Spring Framework 6.2.13 
Closes gh-18180
 2025-11-17 10:29:49 -06:00
Rob Winch
ea036702fc
Merge branch '6.4.x' into 6.5.x 2025-11-17 10:27:16 -06:00
Rob Winch
09805317e6
Update Spring Data 2024.1.12 
Closes gh-18179
 2025-11-17 10:27:01 -06:00
Rob Winch
4ab933803f
Update to Reactor 2024.0.12 
This aligns with Spring Framework's version of Reactor

Closes gh-18178
 2025-11-17 10:26:09 -06:00
Rob Winch
d2b1cb572f
Update to Spring Framework 6.2.13 
Closes gh-18177
 2025-11-17 10:25:21 -06:00
Rob Winch
70076188af
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 2025-11-17 09:34:44 -06:00
Rob Winch
57c9b1365c
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 2025-11-17 09:34:42 -06:00
Rob Winch
1c3d28f14d
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 2025-11-17 09:34:40 -06:00
Rob Winch
aaadb43ef8
Bump org-aspectj from 1.9.24 to 1.9.25 2025-11-17 09:34:38 -06:00
Rob Winch
a6c1a02afa
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 2025-11-17 09:34:35 -06:00
Rob Winch
baebd04df7
Merge branch '6.4.x' into 6.5.x 2025-11-17 09:34:26 -06:00
Rob Winch
d0166004aa
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 2025-11-17 09:33:40 -06:00
Rob Winch
9f96fbcda0
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 2025-11-17 09:33:37 -06:00
Rob Winch
ccffb48fd1
Bump org-aspectj from 1.9.24 to 1.9.25 2025-11-17 09:33:35 -06:00
Rob Winch
d0fcdebe88
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 2025-11-17 09:33:33 -06:00
dependabot[bot]
af47cc2abe
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-07 03:20:24 +00:00
dependabot[bot]
f997e22d9d
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-07 03:14:59 +00:00
dependabot[bot]
c85cb2d1ef
Bump org-aspectj from 1.9.24 to 1.9.25 
Bumps `org-aspectj` from 1.9.24 to 1.9.25.

Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:19:48 +00:00
dependabot[bot]
bf26dd9b33
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:19:25 +00:00
dependabot[bot]
ff908c4d7c
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:15:17 +00:00
dependabot[bot]
521f533fc4
Bump org-aspectj from 1.9.24 to 1.9.25 
Bumps `org-aspectj` from 1.9.24 to 1.9.25.

Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:14:41 +00:00
Josh Cummings
f988272fff Merge branch '6.4.x' into 6.5.x 2025-11-04 14:04:29 -07:00
Josh Cummings
532d0bef14 Add Test to Confirm 72-byte BCrypt Password Limit 
Closes gh-18133
 2025-11-04 14:04:02 -07:00
Rob Winch
c1e9e10bf0
Merge branch '6.4.x' into 6.5.x 
Closes gh-18131
 2025-11-04 11:28:40 -06:00
Daniel Garnier-Moiroux
fed6df5167 Default WebAuthnConfigurer#rpName to rpId 
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:

> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.

Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-11-04 11:16:22 -06:00
Rob Winch
8fa2fc0e1e
Merge branch '6.4.x' into 6.5.x 2025-11-04 10:24:15 -06:00
Daniel Garnier-Moiroux
4feeb0f843 Docs: document effects of disabling CORS configurer 
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-11-04 10:23:46 -06:00
namest504
6501e97ece Fix sensitive case in JwtTypeValidator 
Closes gh-18092

Signed-off-by: namest504 <namest504@gmail.com>
 2025-10-28 12:08:29 -06:00
dependabot[bot]
ee49c18ce2
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.33.Final to 6.6.34.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.34/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.33...6.6.34)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.34.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-28 03:20:26 +00:00
dependabot[bot]
f0afca7610
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.4.1 to 2.18.5.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.4.1...jackson-bom-2.18.5)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-28 03:19:44 +00:00
dependabot[bot]
8b0689cbb8
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.33.Final to 6.6.34.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.34/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.33...6.6.34)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.34.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-28 03:15:58 +00:00
dependabot[bot]
28e158d1cb
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.4.1 to 2.18.5.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.4.1...jackson-bom-2.18.5)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-28 03:15:38 +00:00
Josh Cummings
f548aaf5c5 Merge branch '6.4.x' into 6.5.x 2025-10-20 17:42:25 -06:00
Josh Cummings
1c112005fa Don't Attempt to Generate Token Without Valid Token Request 
Closes gh-18088

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2025-10-20 17:09:43 -06:00