From 11f46fc584f604b82aae22b183b3ed0b7e758e36 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:02:14 -0500 Subject: [PATCH 01/16] Exclude release candidate dependencies --- build.gradle | 1 + 1 file changed, 1 insertion(+) diff --git a/build.gradle b/build.gradle index c5025f35fb..24cc29425a 100644 --- a/build.gradle +++ b/build.gradle @@ -102,6 +102,7 @@ updateDependenciesSettings { }) dependencyExcludes { majorVersionBump() + releaseCandidatesVersions() alphaBetaVersions() snapshotVersions() addRule { components -> From 67a00bcaa0cf32587f639c4f01a53a78a4aac0cb Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:15:34 -0500 Subject: [PATCH 02/16] Fix JSONObject and JSONArray imports in tests --- .../oauth2/core/converter/ClaimConversionServiceTests.java | 4 ++-- .../oauth2/core/converter/ClaimTypeConverterTests.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimConversionServiceTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimConversionServiceTests.java index 491e7a2a3c..8d27597e4b 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimConversionServiceTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimConversionServiceTests.java @@ -26,8 +26,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import com.nimbusds.jose.shaded.json.JSONArray; -import com.nimbusds.jose.shaded.json.JSONObject; +import net.minidev.json.JSONArray; +import net.minidev.json.JSONObject; import org.assertj.core.util.Lists; import org.junit.jupiter.api.Test; diff --git a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimTypeConverterTests.java b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimTypeConverterTests.java index 586ab8653a..fd792678b6 100644 --- a/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimTypeConverterTests.java +++ b/oauth2/oauth2-core/src/test/java/org/springframework/security/oauth2/core/converter/ClaimTypeConverterTests.java @@ -23,8 +23,8 @@ import java.util.HashMap; import java.util.List; import java.util.Map; -import com.nimbusds.jose.shaded.json.JSONArray; -import com.nimbusds.jose.shaded.json.JSONObject; +import net.minidev.json.JSONArray; +import net.minidev.json.JSONObject; import org.assertj.core.util.Lists; import org.assertj.core.util.Maps; import org.junit.jupiter.api.BeforeEach; From 40a343c6e1ac92ce106edd65acada4653554d2b0 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:29:45 -0500 Subject: [PATCH 03/16] Update jackson-bom to 2.13.4 Closes gh-11835 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 4357da26b8..df3e3acb79 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -15,7 +15,7 @@ dependencies { api platform("org.springframework.data:spring-data-bom:2021.2.2") api platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion") api platform("org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.6.4") - api platform("com.fasterxml.jackson:jackson-bom:2.13.3") + api platform("com.fasterxml.jackson:jackson-bom:2.13.4") constraints { api "ch.qos.logback:logback-classic:1.2.11" api "com.google.inject:guice:3.0" From a799528679b1d0bf76cbb971a7db171bf9f56261 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:29:54 -0500 Subject: [PATCH 04/16] Update com.nimbusds to 9.43.1 Closes gh-11838 --- dependencies/spring-security-dependencies.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index df3e3acb79..f49546f027 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -19,8 +19,8 @@ dependencies { constraints { api "ch.qos.logback:logback-classic:1.2.11" api "com.google.inject:guice:3.0" - api "com.nimbusds:nimbus-jose-jwt:9.23" - api "com.nimbusds:oauth2-oidc-sdk:9.38.1" + api "com.nimbusds:nimbus-jose-jwt:9.24.4" + api "com.nimbusds:oauth2-oidc-sdk:9.43.1" api "com.squareup.okhttp3:mockwebserver:3.14.9" api "com.squareup.okhttp3:okhttp:3.14.9" api "com.unboundid:unboundid-ldapsdk:4.0.14" From d915f0f9caeb60c2b51b3e621f8bb884765c7ca6 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:29:57 -0500 Subject: [PATCH 05/16] Update aspectj-plugin to 6.5.1 Closes gh-11839 --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 24cc29425a..54f2e6cbf3 100644 --- a/build.gradle +++ b/build.gradle @@ -4,7 +4,7 @@ buildscript { dependencies { classpath "io.spring.javaformat:spring-javaformat-gradle-plugin:$springJavaformatVersion" classpath 'io.spring.nohttp:nohttp-gradle:0.0.10' - classpath "io.freefair.gradle:aspectj-plugin:6.5.0.3" + classpath "io.freefair.gradle:aspectj-plugin:6.5.1" classpath "org.jetbrains.kotlin:kotlin-gradle-plugin:$kotlinVersion" classpath "com.netflix.nebula:nebula-project-plugin:8.2.0" } From 3d4f947cd530893352e9b86973de6d508d01bc28 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:00 -0500 Subject: [PATCH 06/16] Update mockk to 1.12.8 Closes gh-11840 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index f49546f027..91ef989063 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -25,7 +25,7 @@ dependencies { api "com.squareup.okhttp3:okhttp:3.14.9" api "com.unboundid:unboundid-ldapsdk:4.0.14" api "commons-collections:commons-collections:3.2.2" - api "io.mockk:mockk:1.12.4" + api "io.mockk:mockk:1.12.8" api "io.projectreactor.tools:blockhound:1.0.6.RELEASE" api "jakarta.inject:jakarta.inject-api:1.0.5" api "jakarta.annotation:jakarta.annotation-api:1.3.5" From 6d3e04184be3fadf6cbae0e0c001672dcb4d2237 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:04 -0500 Subject: [PATCH 07/16] Update io.projectreactor to 2020.0.23 Closes gh-11841 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 91ef989063..1162d546aa 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -8,7 +8,7 @@ javaPlatform { dependencies { api platform("org.springframework:spring-framework-bom:$springFrameworkVersion") - api platform("io.projectreactor:reactor-bom:2020.0.21") + api platform("io.projectreactor:reactor-bom:2020.0.23") api platform("io.rsocket:rsocket-bom:1.1.2") api platform("org.junit:junit-bom:5.9.0-RC1") api platform("org.mockito:mockito-bom:4.7.0") From a884e0dda93acb14fbbb99fccfc5e32f04f0cafa Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:10 -0500 Subject: [PATCH 08/16] Update io.rsocket to 1.1.3 Closes gh-11843 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 1162d546aa..3731deb1db 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -9,7 +9,7 @@ javaPlatform { dependencies { api platform("org.springframework:spring-framework-bom:$springFrameworkVersion") api platform("io.projectreactor:reactor-bom:2020.0.23") - api platform("io.rsocket:rsocket-bom:1.1.2") + api platform("io.rsocket:rsocket-bom:1.1.3") api platform("org.junit:junit-bom:5.9.0-RC1") api platform("org.mockito:mockito-bom:4.7.0") api platform("org.springframework.data:spring-data-bom:2021.2.2") From 870de424f0b289e9fba3496dc2dc2394fa8c0918 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:13 -0500 Subject: [PATCH 09/16] Update htmlunit to 2.64.0 Closes gh-11844 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 3731deb1db..0f4918c5ba 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -36,7 +36,7 @@ dependencies { api "jakarta.xml.bind:jakarta.xml.bind-api:2.3.3" api "ldapsdk:ldapsdk:4.1" api "net.sf.ehcache:ehcache:2.10.9.2" - api "net.sourceforge.htmlunit:htmlunit:2.63.0" + api "net.sourceforge.htmlunit:htmlunit:2.64.0" api "net.sourceforge.nekohtml:nekohtml:1.9.22" api "org.apache.directory.server:apacheds-core-entry:1.5.5" api "org.apache.directory.server:apacheds-core:1.5.5" From ece5ff1500419db074628be559ca7c301b30bfaa Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:16 -0500 Subject: [PATCH 10/16] Update org.eclipse.jetty to 9.4.49.v20220914 Closes gh-11845 --- dependencies/spring-security-dependencies.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 0f4918c5ba..189ae25b28 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -50,8 +50,8 @@ dependencies { api "org.assertj:assertj-core:3.23.1" api "org.bouncycastle:bcpkix-jdk15on:1.70" api "org.bouncycastle:bcprov-jdk15on:1.70" - api "org.eclipse.jetty:jetty-server:9.4.48.v20220622" - api "org.eclipse.jetty:jetty-servlet:9.4.48.v20220622" + api "org.eclipse.jetty:jetty-server:9.4.49.v20220914" + api "org.eclipse.jetty:jetty-servlet:9.4.49.v20220914" api "org.eclipse.persistence:javax.persistence:2.2.1" api "org.hamcrest:hamcrest:2.2" api "org.hibernate:hibernate-entitymanager:5.6.10.Final" From 5d8427a52bfba3f55af0f362c3101b7998564de4 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:20 -0500 Subject: [PATCH 11/16] Update hibernate-entitymanager to 5.6.11.Final Closes gh-11846 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 189ae25b28..b54020eecd 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -54,7 +54,7 @@ dependencies { api "org.eclipse.jetty:jetty-servlet:9.4.49.v20220914" api "org.eclipse.persistence:javax.persistence:2.2.1" api "org.hamcrest:hamcrest:2.2" - api "org.hibernate:hibernate-entitymanager:5.6.10.Final" + api "org.hibernate:hibernate-entitymanager:5.6.11.Final" api "org.hsqldb:hsqldb:2.6.1" api "org.jasig.cas.client:cas-client-core:3.6.4" api "org.openid4java:openid4java-nodeps:0.9.6" From 573a5b626dcfa12741eba659470669e3b21eca06 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:25 -0500 Subject: [PATCH 12/16] Update hsqldb to 2.7.0 Closes gh-11847 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index b54020eecd..a01f916a28 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -55,7 +55,7 @@ dependencies { api "org.eclipse.persistence:javax.persistence:2.2.1" api "org.hamcrest:hamcrest:2.2" api "org.hibernate:hibernate-entitymanager:5.6.11.Final" - api "org.hsqldb:hsqldb:2.6.1" + api "org.hsqldb:hsqldb:2.7.0" api "org.jasig.cas.client:cas-client-core:3.6.4" api "org.openid4java:openid4java-nodeps:0.9.6" api "org.opensaml:opensaml-core:$openSamlVersion" From e2a4227c115508ebb8d7ba226a4cbb66d6a25051 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:28 -0500 Subject: [PATCH 13/16] Update junit-bom to 5.9.0 Closes gh-11848 --- buildSrc/build.gradle | 2 +- dependencies/spring-security-dependencies.gradle | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index 245fb4726b..f266c18a7f 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -99,7 +99,7 @@ dependencies { implementation 'org.jfrog.buildinfo:build-info-extractor-gradle:4.29.0' implementation 'org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.7.1' - testImplementation platform('org.junit:junit-bom:5.9.0-RC1') + testImplementation platform('org.junit:junit-bom:5.9.0') testImplementation "org.junit.jupiter:junit-jupiter-api" testImplementation "org.junit.jupiter:junit-jupiter-params" testImplementation "org.junit.jupiter:junit-jupiter-engine" diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index a01f916a28..e5ec51b470 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -10,7 +10,7 @@ dependencies { api platform("org.springframework:spring-framework-bom:$springFrameworkVersion") api platform("io.projectreactor:reactor-bom:2020.0.23") api platform("io.rsocket:rsocket-bom:1.1.3") - api platform("org.junit:junit-bom:5.9.0-RC1") + api platform("org.junit:junit-bom:5.9.0") api platform("org.mockito:mockito-bom:4.7.0") api platform("org.springframework.data:spring-data-bom:2021.2.2") api platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion") From 0159e8c976b3cdce0036253c4e14003148482768 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:32 -0500 Subject: [PATCH 14/16] Update org.mockito to 4.8.0 Closes gh-11849 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index e5ec51b470..a12905a92c 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -11,7 +11,7 @@ dependencies { api platform("io.projectreactor:reactor-bom:2020.0.23") api platform("io.rsocket:rsocket-bom:1.1.3") api platform("org.junit:junit-bom:5.9.0") - api platform("org.mockito:mockito-bom:4.7.0") + api platform("org.mockito:mockito-bom:4.8.0") api platform("org.springframework.data:spring-data-bom:2021.2.2") api platform("org.jetbrains.kotlin:kotlin-bom:$kotlinVersion") api platform("org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.6.4") From eeb152cd6d391d5255dff39cec4ac8278165b094 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:35 -0500 Subject: [PATCH 15/16] Update htmlunit-driver to 2.64.0 Closes gh-11850 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index a12905a92c..ffb7348b0c 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -62,7 +62,7 @@ dependencies { api "org.opensaml:opensaml-saml-api:$openSamlVersion" api "org.opensaml:opensaml-saml-impl:$openSamlVersion" api "org.python:jython:2.5.3" - api "org.seleniumhq.selenium:htmlunit-driver:2.63.0" + api "org.seleniumhq.selenium:htmlunit-driver:2.64.0" api "org.seleniumhq.selenium:selenium-java:3.141.59" api "org.seleniumhq.selenium:selenium-support:3.141.59" api "org.skyscreamer:jsonassert:1.5.1" From e4e24c6639357ebe886db593832b40f8eea29cd0 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg Date: Fri, 16 Sep 2022 13:30:39 -0500 Subject: [PATCH 16/16] Update org.springframework to 5.3.23 Closes gh-11851 --- gradle.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle.properties b/gradle.properties index 001ac9c3c0..34487789d4 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,7 +1,7 @@ aspectjVersion=1.9.9.1 springJavaformatVersion=0.0.34 springBootVersion=2.4.2 -springFrameworkVersion=5.3.22 +springFrameworkVersion=5.3.23 openSamlVersion=3.4.6 version=5.8.0-SNAPSHOT kotlinVersion=1.7.10