Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,252 Commits 34 Branches 334 Tags 114 MiB
Commit Graph

17252 Commits

Author SHA1 Message Date
Evgeniy Cheban f45cc22e11 Allow configuring custom ServerHttpHeadersWriter for Kotlin DSL 
Closes gh-16009
 2024-12-16 17:54:04 -07:00
dependabot[bot] 12a6431496 Bump org.junit:junit-bom from 5.11.3 to 5.11.4 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 16:38:05 -08:00
dependabot[bot] 036f6f27bf Bump org.springframework.data:spring-data-bom from 2024.1.0 to 2024.1.1 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.0 to 2024.1.1.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.0...2024.1.1)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 11:49:52 -08:00
github-actions[bot] a2176fe58c Merge branch '6.4.x' 2024-12-16 17:25:47 +00:00
dependabot[bot] bf6a2fab01 Bump org.junit:junit-bom from 5.11.3 to 5.11.4 
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit5) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-16 09:24:55 -08:00
Steve Riesenberg 5610b35a2f
Ignore updates to org.apache.directory.shared 
Related gh-16277

[skip ci]
 2024-12-16 11:10:38 -06:00
Steve Riesenberg 472d0e2f82
Merge branch '6.4.x' 2024-12-16 10:44:42 -06:00
Steve Riesenberg 64964ca5be
Merge branch '6.3.x' into 6.4.x 2024-12-16 10:44:29 -06:00
github-actions[bot] ac0ca0cafc Next development version 2024-12-16 16:36:38 +00:00
github-actions[bot] 5fe6d9259f Release 6.4.2 2024-12-16 15:58:35 +00:00
github-actions[bot] 87888d42fc Next development version 2024-12-16 15:50:41 +00:00
github-actions[bot] 85ca9e9a57 Release 6.3.6 2024-12-16 15:23:29 +00:00
github-actions[bot] ec75622b30 Merge branch '6.4.x' 2024-12-16 03:48:39 +00:00
dependabot[bot] 57a06ead66 Bump org.springframework.data:spring-data-bom from 2024.1.0 to 2024.1.1 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.0 to 2024.1.1.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.0...2024.1.1)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-15 19:47:48 -08:00
github-actions[bot] 6df0fbbe1b Merge branch '6.4.x' 2024-12-16 03:26:46 +00:00
github-actions[bot] e4dde52fa4 Merge branch '6.3.x' into 6.4.x 2024-12-16 03:26:46 +00:00
dependabot[bot] d9e9e3cdeb Bump org.springframework.data:spring-data-bom from 2024.0.6 to 2024.0.7 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.0.6 to 2024.0.7.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.0.6...2024.0.7)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-15 19:26:03 -08:00
Josh Cummings a5b0304596
Move AnyRequest Validation 
This will make way for other adding other checks

Issue gh-15982
 2024-12-13 18:24:57 -07:00
Josh Cummings c1f5eb3192
Merge branch '6.4.x' 2024-12-13 18:24:39 -07:00
Josh Cummings 5ee1586a5a
Remove Unexposed Inner Classes from Serialization Test 
The following inner classes are used only internally by a non-Serializable component

Issue gh-16276
 2024-12-13 18:18:09 -07:00
Josh Cummings 9d02949fa9
Merge branch '6.4.x' 2024-12-13 16:58:17 -07:00
Josh Cummings 018e1ae1a4
Added Serialization Values 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings b9911fd522
Add serialVersionUID to Authentication classes 
Issue gh-16276
 2024-12-13 16:41:32 -07:00
Josh Cummings 77f76f8465
Merge branch '6.4.x' 2024-12-13 11:53:51 -07:00
Josh Cummings e3cd4339b2
Add Serial Version 
Closes gh-16163
 2024-12-13 11:53:15 -07:00
Rob Winch a6354e5137 Merge branch '6.4.x' 
Closes gh-16283
 2024-12-13 10:10:21 -06:00
Daniel Garnier-Moiroux fb954063bf Fix WebAuthnWebdriverTests 
Closes gh-16279
 2024-12-13 10:08:27 -06:00
Rob Winch 5a81a1fe66 Merge branch '6.4.x' 2024-12-12 22:21:44 -06:00
Rob Winch 2a76a09552 Disable Flaky WebAuthnWebDriverTests 2024-12-12 22:21:36 -06:00
github-actions[bot] 5f9b84a0ff Merge branch '6.4.x' 2024-12-13 04:07:33 +00:00
dependabot[bot] 809d8a84a3 Bump gradle/gradle-build-action from 2 to 3 
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2 to 3.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 20:06:48 -08:00
Rob Winch 2fcd305509 Increment to 6.5.0-SNAPSHOT 
Closes gh-16221
 2024-12-12 21:47:11 -06:00
Josh Cummings 7e83fd54aa
Add Test Saml 2.0 Test Objects 2024-12-12 18:12:11 -07:00
Josh Cummings 7592483654
Add Test to Report Missing serialVersionUID 
Issue gh-16276
 2024-12-12 18:12:11 -07:00
Josh Cummings f7b9b7228f
Include Classes Listed in Generator Map 
This allows testing of classes that are serializable,
but do not use Security's serialVersionUID.

Issue gh-16276
 2024-12-12 18:07:53 -07:00
Josh Cummings 82cc3ad5ec
Arrange Class Generators by Module 
Issue gh-16276
 2024-12-12 18:07:52 -07:00
Josh Cummings 47b5ab400a
Add 6.4.x Serialization Files 
Closes gh-16274
 2024-12-12 18:07:52 -07:00
dependabot[bot] 103a98ff9e Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.0...v6.2.1)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:31:16 -08:00
github-actions[bot] d290c5c205 Merge branch '6.3.x' 2024-12-12 21:25:03 +00:00
dependabot[bot] 3e43eda42b Bump org.springframework:spring-framework-bom from 6.1.15 to 6.1.16 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.15 to 6.1.16.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.15...v6.1.16)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:24:18 -08:00
dependabot[bot] 511bcc25f2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:16:34 -08:00
github-actions[bot] 3008ccc98e Merge branch '6.3.x' 2024-12-12 21:12:28 +00:00
dependabot[bot] e7d6dc22b2 Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.8 to 3.2.10.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.8...3.2.10)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-12 13:11:47 -08:00
Steve Riesenberg 180ac5497e
Remove exclusion that is no longer used 
Issue gh-16268
 2024-12-12 15:02:11 -06:00
Steve Riesenberg cb08e37d31
Remove 5.8.x and 6.2.x dependabot configuration 
Closes gh-16268
 2024-12-12 15:01:07 -06:00
Steve Riesenberg 49e7a3e65f
Revert "Include 5.8.x on Dependabot Auto Merge Forward" 
This reverts commit d5a0fa9134.

Closes gh-15770
 2024-12-12 14:50:12 -06:00
Yoshikazu Nojima ee1ede8b2d Update document regarding PublicKeyCredentialCreationOptions.attestation value 
Follow up for #16252
 2024-12-12 09:02:42 -06:00
Steve Riesenberg 682c40894e
Merge branch '6.3.x' 
Closes gh-16263
 2024-12-11 18:00:39 -06:00
Steve Riesenberg da06f6a9e6
Replace GRADLE_ENTERPRISE_SECRET_ACCESS_KEY with DEVELOCITY_ACCESS_KEY 
Closes gh-16262
 2024-12-11 18:00:31 -06:00
Yoshikazu Nojima d7d5253607 Change attestation in PublicKeyCredentialCreationOptions to none 
The attestation option in PublicKeyCredentialCreationOptions is a
parameter that controls whether to request attestation from the security key.
However, Spring Security Passkeys currently doesn't implement attestation verification.
Therefore, requesting attestation is unnecessary.
Specifying `direct` to request attestation may trigger browsers to
display additional privacy related dialog to users, so it is best to
avoid specifying `direct` unnecessarily.
 2024-12-11 17:18:18 -06:00