Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 12:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,499 Commits 55 Branches 348 Tags
Commit Graph

17499 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rob Winch
fa533ea5e2
Merge branch '6.3.x' into 6.4.x 
- rm mark-duplicate-dependabot-prs.yml
 2025-05-02 11:26:47 -05:00
Rob Winch
a04025c114
rm mark-duplicate-dependabot-prs.yml 2025-05-02 11:26:41 -05:00
Rob Winch
99cede5e08
Merge branch '6.3.x' into 6.4.x 
- Remove automerge forward
 2025-05-02 11:23:14 -05:00
Rob Winch
1564076276
Remove automerge forward 2025-05-02 11:23:01 -05:00
Rob Winch
389ba794fa
Merge branch '6.3.x' into 6.4.x 
- Add .github/workflows/codeql.yml
 2025-05-02 11:17:07 -05:00
Rob Winch
ae09f36291
Add .github/workflows/codeql.yml 2025-05-02 11:15:37 -05:00
Josh Cummings
c4a0dfe838 Merge remote-tracking branch 'origin/6.3.x' into 6.4.x 2025-05-01 12:03:05 -06:00
Soumik Sarker
bcef6ed74f Reformatted lines in x509 overview documentation 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-05-01 12:02:45 -06:00
Josh Cummings
d02a9a3c46
Merge branch '6.3.x' into 6.4.x 2025-04-29 14:48:56 -06:00
github-actions[bot]
c8581683da
Bump Gradle Wrapper from 8.13 to 8.14. 
Release notes of Gradle 8.14 can be found here:
https://docs.gradle.org/8.14/release-notes.html

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
 2025-04-29 14:48:42 -06:00
Josh Cummings
a4126aa27d
Merge branch '6.3.x' into 6.4.x 2025-04-29 14:27:40 -06:00
Josh Cummings
f631a0fcd5
Polish ClientRegistrationsTests 
Simplified the assertion so that it is focused on the core
behavior being verified. This will likely also make the test
more stable when updating Spring Framework versions.

Issue gh-16860
 2025-04-29 14:27:04 -06:00
Josh Cummings
656ad72608
Merge branch '6.3.x' into 6.4.x 
Closes gh-17016
 2025-04-29 14:22:52 -06:00
Evgeniy Cheban
0e84f31a00 Add ClientRegistration's RestClient failed attempts information to exception message 
Closes gh-16860

Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
 2025-04-29 13:43:20 -06:00
Josh Cummings
d76ccc6856
Merge branch '6.3.x' into 6.4.x 2025-04-29 13:38:41 -06:00
Yanming Zhou
9c76ab69f0 Use proper configuration key 
the getter method is `getOpaquetoken()` not `getOpaqueToken()`

See c6045c3111/spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/OAuth2ResourceServerProperties.java (L51)

Signed-off-by: Yanming Zhou <zhouyanming@gmail.com>
 2025-04-29 13:37:51 -06:00
Josh Cummings
868342b3a9
Add OpenSAML 5 Test 
Issue gh-17008
 2025-04-28 11:25:31 -06:00
Josh Cummings
ce000ed190
Merge branch '6.3.x' into 6.4.x 
Closes gh-17008
 2025-04-28 11:18:46 -06:00
Josh Cummings
5354e4d2c5
Check for Null Issuer 
Closes gh-16989
 2025-04-28 11:18:32 -06:00
Josh Cummings
e6957bb854
Merge branch '6.3.x' into 6.4.x 2025-04-28 11:13:09 -06:00
Rob Winch
db48d4ca50
rm merge-dependabot-pr.yml from Unsupported Branch 2025-04-25 13:17:14 -05:00
Josh Cummings
547d174f3e Fix Formatting 2025-04-24 10:43:03 -06:00
Roman Trapickin
d2d1275b39 Fix IllegalArgumentException message for unknown Argon2 types 
Array index 0 points to an empty string. Use index 1 instead.

Signed-off-by: Roman Trapickin <8594293+rntrp@users.noreply.github.com>
 2025-04-24 10:43:03 -06:00
dependabot[bot]
54cd987dbc Bump org.springframework.data:spring-data-bom from 2024.1.4 to 2024.1.5 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.1.4 to 2024.1.5.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.1.4...2024.1.5)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-22 20:55:32 -07:00
github-actions[bot]
9495a332bc Merge branch '6.3.x' into 6.4.x 2025-04-23 03:50:20 +00:00
dependabot[bot]
7bf776ec38 Bump org.springframework.data:spring-data-bom 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2024.0.10 to 2024.0.11.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2024.0.10...2024.0.11)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2024.0.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-22 20:49:38 -07:00
Rob Winch
1ccd600a18
Merge branch '6.3.x' into 6.4.x 
- Update to io.spring.gradle:spring-security-release-plugin:1.0.5

Closes gh-6.3.10 in 6.4.x
 2025-04-21 13:45:44 -05:00
Rob Winch
7a302a9eb8
Merge branch '6.3.x' (early part) into 6.4.x 2025-04-21 13:45:38 -05:00
Rob Winch
e47a6714a5
Update to io.spring.gradle:spring-security-release-plugin:1.0.5 
Closes gh-6.3.10
 2025-04-21 13:44:10 -05:00
github-actions[bot]
a4d7ac24c8 Next development version 2025-04-21 16:28:51 +00:00
github-actions[bot]
b9cae82b89 Next development version 2025-04-21 16:26:30 +00:00
github-actions[bot]
e8aef09b4f Release 6.4.5 6.4.5 2025-04-21 15:58:58 +00:00
github-actions[bot]
f6354250a1 Release 6.3.9 6.3.9 2025-04-21 15:58:56 +00:00
Josh Cummings
f8d417dc03
Preserve Encrypted Elements 
Closes gh-16367
 2025-04-21 08:32:07 -06:00
dependabot[bot]
79bacf8204 Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.5 to 6.2.6.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.5...v6.2.6)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.2.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 20:58:02 -07:00
dependabot[bot]
9bcfeab1d6 Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.11 to 3.2.12.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.11...3.2.12)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 20:57:53 -07:00
github-actions[bot]
254c9c9b2d Merge branch '6.3.x' into 6.4.x 2025-04-18 03:50:03 +00:00
dependabot[bot]
a5d963387b Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.1.18 to 6.1.19.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v6.1.18...v6.1.19)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 6.1.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 20:49:18 -07:00
github-actions[bot]
e5d9659b8f Merge branch '6.3.x' into 6.4.x 2025-04-18 03:37:29 +00:00
dependabot[bot]
99c4f58c34 Bump org.springframework.ldap:spring-ldap-core from 3.2.11 to 3.2.12 
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap) from 3.2.11 to 3.2.12.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases)
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt)
- [Commits](https://github.com/spring-projects/spring-ldap/compare/3.2.11...3.2.12)

---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
  dependency-version: 3.2.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-17 20:36:42 -07:00
Joe Grandja
cb60d8b3ed Merge branch '6.3.x' into 6.4.x 
Closes gh-16951
 2025-04-17 05:17:38 -04:00
Joe Grandja
c1aa99fdd2 Enforce BCrypt password length for new passwords only 
Closes gh-16802
 2025-04-17 04:53:33 -04:00
dependabot[bot]
f1a211ae0c Bump io.projectreactor:reactor-bom from 2023.0.16 to 2023.0.17 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.16 to 2023.0.17.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.16...2023.0.17)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2023.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-15 21:22:57 -07:00
github-actions[bot]
a1481572ed Merge branch '6.3.x' into 6.4.x 2025-04-16 03:51:45 +00:00
dependabot[bot]
eb01394427 Bump io.projectreactor:reactor-bom from 2023.0.16 to 2023.0.17 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2023.0.16 to 2023.0.17.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2023.0.16...2023.0.17)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2023.0.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-15 20:50:56 -07:00
dependabot[bot]
0ff3474e2d Bump io.micrometer:micrometer-observation from 1.14.5 to 1.14.6 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.5 to 1.14.6.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.5...v1.14.6)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-14 20:34:10 -07:00
dependabot[bot]
2ce4aecec7 Bump org-aspectj from 1.9.22.1 to 1.9.24 
Bumps `org-aspectj` from 1.9.22.1 to 1.9.24.

Updates `org.aspectj:aspectjrt` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-13 20:30:04 -07:00
github-actions[bot]
7c90300912 Merge branch '6.3.x' into 6.4.x 2025-04-14 03:23:18 +00:00
dependabot[bot]
0d3d6f75f8 Bump org-aspectj from 1.9.22.1 to 1.9.24 
Bumps `org-aspectj` from 1.9.22.1 to 1.9.24.

Updates `org.aspectj:aspectjrt` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.22.1 to 1.9.24
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.24
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-13 20:22:34 -07:00
dependabot[bot]
a10a35c2ac Bump io.spring.gradle:spring-security-release-plugin from 1.0.3 to 1.0.4 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.3...v1.0.4)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-09 21:12:41 -07:00