Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-12-27 02:23:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,807 Commits 54 Branches 369 Tags
Commit Graph

19807 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
1d99a7fb14 Release 7.0.0 7.0.0 2025-11-17 17:04:54 +00:00
Rob Winch
0400e29df1
Merge branch '6.5.x' 2025-11-17 10:31:58 -06:00
Rob Winch
7ad28772bc
Update to Spring Data 2024.1.12 
Closes gh-18182
 2025-11-17 10:31:45 -06:00
Rob Winch
2678925c21
Update to Reactor 2024.0.12 
This aligns with Spring Framework's version.

Closes gh-18181
 2025-11-17 10:30:45 -06:00
Rob Winch
87472c9ab4
Update to Spring Framework 6.2.13 
Closes gh-18180
 2025-11-17 10:29:49 -06:00
Rob Winch
ea036702fc
Merge branch '6.4.x' into 6.5.x 2025-11-17 10:27:16 -06:00
Rob Winch
09805317e6
Update Spring Data 2024.1.12 
Closes gh-18179
 2025-11-17 10:27:01 -06:00
Rob Winch
4ab933803f
Update to Reactor 2024.0.12 
This aligns with Spring Framework's version of Reactor

Closes gh-18178
 2025-11-17 10:26:09 -06:00
Rob Winch
d2b1cb572f
Update to Spring Framework 6.2.13 
Closes gh-18177
 2025-11-17 10:25:21 -06:00
Rob Winch
3e936ebe75
Update to Spring LDAP 4.0.0 
Closes gh-18175
 2025-11-17 09:47:38 -06:00
Rob Winch
ecc2775796
Update to Spring Data 2025.1.0 
Closes gh-18174
 2025-11-17 09:47:20 -06:00
Rob Winch
cf8e3ee2ab
Update to Reactor 2025.0.0 
Closes gh-18173
 2025-11-17 09:46:51 -06:00
Rob Winch
12ba56bbf2
Update to Spring Framework 7.0.0 
Closes gh-18172
 2025-11-17 09:46:29 -06:00
Rob Winch
2f8638d867
Bump org.jetbrains.kotlin:kotlin-bom from 2.2.20 to 2.2.21 2025-11-17 09:35:41 -06:00
Rob Winch
17aad2cea3
Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.2.20 to 2.2.21 2025-11-17 09:35:39 -06:00
Rob Winch
9184ad3ad5
Merge branch '6.5.x' 2025-11-17 09:35:29 -06:00
Rob Winch
70076188af
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 2025-11-17 09:34:44 -06:00
Rob Winch
57c9b1365c
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 2025-11-17 09:34:42 -06:00
Rob Winch
1c3d28f14d
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 2025-11-17 09:34:40 -06:00
Rob Winch
aaadb43ef8
Bump org-aspectj from 1.9.24 to 1.9.25 2025-11-17 09:34:38 -06:00
Rob Winch
a6c1a02afa
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 2025-11-17 09:34:35 -06:00
Rob Winch
baebd04df7
Merge branch '6.4.x' into 6.5.x 2025-11-17 09:34:26 -06:00
Rob Winch
d0166004aa
Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 2025-11-17 09:33:40 -06:00
Rob Winch
9f96fbcda0
Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 2025-11-17 09:33:37 -06:00
Rob Winch
ccffb48fd1
Bump org-aspectj from 1.9.24 to 1.9.25 2025-11-17 09:33:35 -06:00
Rob Winch
d0fcdebe88
Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 2025-11-17 09:33:33 -06:00
Rob Winch
26991bbe5f AuthenticationRequest uses rawId.getBytes() 
Previously id.getBytes() was used which was problemantic because
the id is base64 encoded and this did not match the expected ids.

Closes gh-18158
 2025-11-14 15:21:20 -06:00
Rob Winch
e4106ecf68 Add Webauthn4JRelyingPartyOperations.setObjectConverter 
Simplifies testing of Webauthn4JRelyingPartyOperations

Issue gh-18158
 2025-11-14 15:21:20 -06:00
Daniel Garnier-Moiroux
7cb57ab940 Improve webauthn webdriver tests 
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-11-14 15:21:20 -06:00
Joe Grandja
b130e728b7 Polish gh-18153 
Issue gh-18144
 2025-11-11 14:27:50 -05:00
Andrey Litvitski
e6db56ab4f Add a minimal authorization server configuration 
Closes gh-18144

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-11-11 14:27:36 -05:00
dependabot[bot]
af47cc2abe
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-07 03:20:24 +00:00
dependabot[bot]
f997e22d9d
Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.12...v1.14.13)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-07 03:14:59 +00:00
github-actions[bot]
b7fb2892ed Next development version 2025-11-06 17:35:33 +00:00
github-actions[bot]
608b1484e4 Release 7.0.0-RC3 7.0.0-RC3 2025-11-06 17:07:27 +00:00
Joe Grandja
5fb2875f47 AOT hints for authorization server Jackson 3 types should be registered 
Closes gh-18146
 2025-11-06 10:14:00 -05:00
Joe Grandja
27ae318992 JdbcRegisteredClientRepository should support Jackson 3 
Issue gh-17832

Closes gh-18143
 2025-11-05 15:27:14 -05:00
Joe Grandja
73840663b9 Polish JdbcOAuth2AuthorizationService 2025-11-05 06:41:41 -05:00
dependabot[bot]
c85cb2d1ef
Bump org-aspectj from 1.9.24 to 1.9.25 
Bumps `org-aspectj` from 1.9.24 to 1.9.25.

Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:19:48 +00:00
dependabot[bot]
bf26dd9b33
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:19:25 +00:00
dependabot[bot]
ff908c4d7c
Bump io.spring.gradle:spring-security-release-plugin 
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.11...v1.0.13)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:15:17 +00:00
dependabot[bot]
521f533fc4
Bump org-aspectj from 1.9.24 to 1.9.25 
Bumps `org-aspectj` from 1.9.24 to 1.9.25.

Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 03:14:41 +00:00
Josh Cummings
5662e17370 Add Nullable Annotations 
Added Nullable to methods that may return a null value

Closes gh-18046
 2025-11-04 15:08:12 -07:00
Josh Cummings
63f28a7e1f Merge branch '6.5.x' 2025-11-04 14:04:56 -07:00
Josh Cummings
f988272fff Merge branch '6.4.x' into 6.5.x 2025-11-04 14:04:29 -07:00
Josh Cummings
532d0bef14 Add Test to Confirm 72-byte BCrypt Password Limit 
Closes gh-18133
 2025-11-04 14:04:02 -07:00
Joe Grandja
571bd60d82 Document OAuth 2.0 Protected Resource Metadata support 
Issue gh-17244
 2025-11-04 14:37:19 -05:00
Rob Winch
6471a32d66
Merge branch '6.5.x' 
Closes gh-18132
 2025-11-04 11:37:11 -06:00
Rob Winch
c1e9e10bf0
Merge branch '6.4.x' into 6.5.x 
Closes gh-18131
 2025-11-04 11:28:40 -06:00
Daniel Garnier-Moiroux
fed6df5167 Default WebAuthnConfigurer#rpName to rpId 
In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:

> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.

Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity

Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf>
 2025-11-04 11:16:22 -06:00