9861769b02
Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity
...
Closes gh-11277
2022-07-29 17:42:20 -05:00
02459919cc
Skip workflows on forks of spring-security
2022-07-28 15:13:56 -05:00
57d212ddca
Use cache and user.name system property on Windows
2022-07-28 15:13:55 -05:00
539b17f6da
Only run prerequisites job if on upstream repo
2022-07-28 15:13:54 -05:00
37e1ad27fe
Simplify dependency graph
2022-07-28 15:13:53 -05:00
043fdd6f03
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:13:52 -05:00
3234e05085
Polish gh-11367
2022-07-28 15:13:51 -05:00
f957e3c051
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:13:51 -05:00
24033be046
Skip workflows on forks of spring-security
2022-07-28 15:11:09 -05:00
47a5665767
Use cache and user.name system property on Windows
2022-07-28 15:11:08 -05:00
aad60cc6af
Only run prerequisites job if on upstream repo
2022-07-28 15:11:07 -05:00
13e94935ae
Simplify dependency graph
2022-07-28 15:11:06 -05:00
6c29007fac
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:11:05 -05:00
6ad567f0fa
Polish gh-11367
2022-07-28 15:11:05 -05:00
8c634f8a9d
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:11:04 -05:00
4fbbfd2c8b
Skip workflows on forks of spring-security
2022-07-28 15:07:02 -05:00
66da4301fc
Use cache and user.name system property on Windows
2022-07-28 15:07:02 -05:00
8929bd5abc
Only run prerequisites job if on upstream repo
2022-07-28 15:07:02 -05:00
e3d1405f67
Simplify dependency graph
2022-07-28 15:07:02 -05:00
e756a1df19
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-28 15:07:02 -05:00
81fae2db2c
Polish gh-11367
2022-07-28 15:07:01 -05:00
054a3f0bc0
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Closes gh-11367
2022-07-28 15:07:00 -05:00
9d248c7185
Skip workflows on forks of spring-security
2022-07-28 14:17:42 -05:00
865bf23ecc
Use cache and user.name system property on Windows
2022-07-28 13:00:15 -05:00
4393c2ea02
Add hash-based Content-Security-Policy for SAML pages
...
Closes gh-11631
2022-07-27 18:04:39 -06:00
409998a3fe
Add hash-based Content-Security-Policy for SAML pages
...
Closes gh-11631
2022-07-27 17:59:42 -06:00
f86d30f4a1
Only run prerequisites job if on upstream repo
2022-07-27 16:01:16 -05:00
dc59d12405
Simplify dependency graph
2022-07-27 16:01:15 -05:00
bdeb32854e
Use Spring Gradle Build Action
...
Closes gh-11630
2022-07-27 16:01:15 -05:00
7f2c797086
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:39:56 -03:00
e5ae35ab71
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:39:33 -03:00
a996dfc55b
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:38:50 -03:00
d66ad22652
Add Deprecated annotation to WebSecurity#securityInterceptor
...
Closes gh-11634
2022-07-27 14:32:44 -03:00
a72c5a55db
Revert "Remove @Configuration from webflux config examples"
...
This reverts commit aec9effb88
2022-07-26 16:46:01 -05:00
aec9effb88
Remove @Configuration from webflux config examples
2022-07-26 16:34:10 -05:00
7a860e1568
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 16:26:31 -05:00
ad9e737bf2
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 16:25:52 -05:00
0d74da4f97
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 16:24:54 -05:00
9fbe6b7731
Fix Snapshot Sources/Javadoc
...
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.
Closes gh-10602
2022-07-26 15:49:52 -05:00
0d3c3c676d
"Well-Know" should be "Well-Known"
2022-07-26 15:45:27 -05:00
06aa3362dd
"Well-Know" should be "Well-Known"
2022-07-26 15:44:41 -05:00
b6258fe1f9
Apply ArtifactoryPlugin in RootProjectPlugin
...
Issue gh-10602
2022-07-26 15:42:51 -05:00
8aa6fbfed2
ArtifactoryPlugin only apply default publications for MavenPublishPlugin
...
Issue gh-10602
2022-07-26 15:42:51 -05:00
e3ed6b3539
Update to build-info-extractor-gradle:4.29.0
...
Issue gh-10602
2022-07-26 15:42:50 -05:00
3b9f5ac77b
"Well-Know" should be "Well-Known"
2022-07-26 15:41:38 -05:00
2a336d4f49
"Well-Know" should be "Well-Known"
2022-07-26 15:41:05 -05:00
3f4efedd23
Polish gh-11367
2022-07-26 15:33:34 -05:00
8f93a7fc94
Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.
- Included permissions for the action.
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-07-26 15:33:33 -05:00
b76966638d
Use Spring Framework 6.0.0-SNAPSHOT
2022-07-25 14:24:55 -03:00
0c549ee147
Use SHA256 by default in Remember Me
...
Closes gh-11520
2022-07-25 10:33:12 -03:00
Steve Riesenberg
naveen
Ulrich Grave
Marcus Da Coregio
Joshua Sattler
Rob Winch
Desmond Silveira