spring-security

Commit Graph

Author	SHA1	Message	Date
github-actions[bot]	9095a1bffd	Next development version	2 days ago
github-actions[bot]	9d08114c58	Release 7.0.2	2 days ago
Josh Cummings	0155d4a345	Restore Check for DispatcherServlet on Classpath Closes gh-18315	2 days ago
github-actions[bot]	29ad1e6b07	Next development version	2 days ago
github-actions[bot]	8651868708	Release 7.0.1	2 days ago
dependabot[bot]	5732f39da7	Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.21 to 1.5.22. - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](https://github.com/qos-ch/logback/compare/v_1.5.21...v_1.5.22) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 days ago
dependabot[bot]	8bfa849a9d	Bump org.springframework.data:spring-data-bom from 2025.1.0 to 2025.1.1 Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.0 to 2025.1.1. - [Release notes](https://github.com/spring-projects/spring-data-bom/releases) - [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.0...2025.1.1) --- updated-dependencies: - dependency-name: org.springframework.data:spring-data-bom dependency-version: 2025.1.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 days ago
dependabot[bot]	e033086ab0	Bump org.springframework:spring-framework-bom from 7.0.1 to 7.0.2 Includes fixes for Breaking Changes in Spring Framework 7.0.2: - spring-projects/spring-framework#35916 - spring-projects/spring-framework#35947 Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.1 to 7.0.2. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.1...v7.0.2) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-version: 7.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 days ago
Josh Cummings	964fcac086	Polish Tests Issue gh-18269 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	2 days ago
Ziqin Wang	1d1b3ff797	Fix "typ" header value in NimbusJwtEncoder-encoded JWT Closes gh-18269 Signed-off-by: Ziqin Wang <ziqin@wangziqin.net>	2 days ago
Ziqin Wang	c8898f91fc	Test NimbusJwtEncoder & NimbusJwtDecoder symmetrically This test encodes an JWT with NimbusJwtEncoder, and then decodes it with NimbusJwtDecoder. This test will fail when NimbusJwtEncoder emits a JWT with a wrong `typ' parameter in the header, as NimbusJwtDecoder validates the JWT with JwtTypeValidator by default. It may be beneficial for finding out other similiar bugs too. Signed-off-by: Ziqin Wang <ziqin@wangziqin.net>	2 days ago
Josh Cummings	dbf93acb05	Check for spring-security-web on Classpath This commit refines the check for adding AuthorizationWebProxyConfiguration to the application context. The web-based authorization proxy support is intended for applying Spring Security Method Security primitives to Spring Web components; as such, this implies a dependency on Spring Security Web. Closes gh-18307	2 days ago
Josh Cummings	ae5673b7a8	Merge branch '6.5.x'	2 days ago
Josh Cummings	765abe534e	Add Missing Migration Pages to Side Navigation Closes gh-18313	2 days ago
Josh Cummings	afb0c59875	Add request-matcher XML Migration Steps Closes gh-18211	2 days ago
dependabot[bot]	d5beb513cd	Bump com.unboundid:unboundid-ldapsdk from 7.0.3 to 7.0.4 Bumps [com.unboundid:unboundid-ldapsdk](https://github.com/pingidentity/ldapsdk) from 7.0.3 to 7.0.4. - [Release notes](https://github.com/pingidentity/ldapsdk/releases) - [Changelog](https://github.com/pingidentity/ldapsdk/blob/master/docs/release-notes.html) - [Commits](https://github.com/pingidentity/ldapsdk/commits) --- updated-dependencies: - dependency-name: com.unboundid:unboundid-ldapsdk dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 days ago
Rob Winch	d6a2603e85	Bump io.mockk:mockk from 1.14.6 to 1.14.7	2 days ago
Rob Winch	a4810b7e15	Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14	2 days ago
Rob Winch	054f2e9a87	Bump io.projectreactor:reactor-bom from 2025.0.0 to 2025.0.1	2 days ago
Rob Winch	00c7a5b201	Merge branch '6.5.x'	2 days ago
Rob Winch	310f82170f	Bump io.mockk:mockk from 1.14.6 to 1.14.7	2 days ago
Rob Winch	be2f2ec600	Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14	2 days ago
Rob Winch	1bc90b5fd0	Bump org-apache-maven-resolver from 1.9.24 to 1.9.25	2 days ago
Rob Winch	d2dd0fe5f6	Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13	2 days ago
Rob Winch	7a85bf481a	Bump org.hibernate.orm:hibernate-core from 6.6.38.Final to 6.6.39.Final	2 days ago
Rob Winch	af960abe2d	Merge branch '6.4.x' into 6.5.x	2 days ago
Rob Winch	b7b859cd9a	Bump org-apache-maven-resolver from 1.9.24 to 1.9.25	2 days ago
Rob Winch	b83f682154	Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13	2 days ago
Rob Winch	aca1643284	Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22	2 days ago
dependabot[bot]	0c9c152a31	Bump org.hibernate.orm:hibernate-core from 6.6.38.Final to 6.6.39.Final Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.38.Final to 6.6.39.Final. - [Release notes](https://github.com/hibernate/hibernate-orm/releases) - [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.39/changelog.txt) - [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.38...6.6.39) --- updated-dependencies: - dependency-name: org.hibernate.orm:hibernate-core dependency-version: 6.6.39.Final dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2 days ago
dependabot[bot]	cf2114e36e	Bump org.springframework:spring-framework-bom from 6.2.14 to 6.2.15 Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 6.2.14 to 6.2.15. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](https://github.com/spring-projects/spring-framework/compare/v6.2.14...v6.2.15) --- updated-dependencies: - dependency-name: org.springframework:spring-framework-bom dependency-version: 6.2.15 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	5 days ago
dependabot[bot]	ecd17a9ee0	Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.21 to 1.5.22. - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](https://github.com/qos-ch/logback/compare/v_1.5.21...v_1.5.22) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.22 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	5 days ago
dependabot[bot]	2a763578f5	Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13 Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2024.0.12 to 2024.0.13. - [Release notes](https://github.com/reactor/reactor/releases) - [Commits](https://github.com/reactor/reactor/compare/2024.0.12...2024.0.13) --- updated-dependencies: - dependency-name: io.projectreactor:reactor-bom dependency-version: 2024.0.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	e978d4bf3d	Bump org-apache-maven-resolver from 1.9.24 to 1.9.25 Bumps `org-apache-maven-resolver` from 1.9.24 to 1.9.25. Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.24 to 1.9.25 - [Release notes](https://github.com/apache/maven-resolver/releases) - [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.24...maven-resolver-1.9.25) Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.24 to 1.9.25 - [Release notes](https://github.com/apache/maven-resolver/releases) - [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.24...maven-resolver-1.9.25) Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.24 to 1.9.25 --- updated-dependencies: - dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.resolver:maven-resolver-impl dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.resolver:maven-resolver-transport-http dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	ef5cdb50cc	Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13 Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2024.0.12 to 2024.0.13. - [Release notes](https://github.com/reactor/reactor/releases) - [Commits](https://github.com/reactor/reactor/compare/2024.0.12...2024.0.13) --- updated-dependencies: - dependency-name: io.projectreactor:reactor-bom dependency-version: 2024.0.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	b2e2d74cab	Bump org-apache-maven-resolver from 1.9.24 to 1.9.25 Bumps `org-apache-maven-resolver` from 1.9.24 to 1.9.25. Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.24 to 1.9.25 - [Release notes](https://github.com/apache/maven-resolver/releases) - [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.24...maven-resolver-1.9.25) Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.24 to 1.9.25 - [Release notes](https://github.com/apache/maven-resolver/releases) - [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.24...maven-resolver-1.9.25) Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.24 to 1.9.25 --- updated-dependencies: - dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.resolver:maven-resolver-impl dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.apache.maven.resolver:maven-resolver-transport-http dependency-version: 1.9.25 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	c3a03a4834	Bump io.projectreactor:reactor-bom from 2025.0.0 to 2025.0.1 Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.0 to 2025.0.1. - [Release notes](https://github.com/reactor/reactor/releases) - [Commits](https://github.com/reactor/reactor/compare/2025.0.0...2025.0.1) --- updated-dependencies: - dependency-name: io.projectreactor:reactor-bom dependency-version: 2025.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
Andrey Litvitski	0d5f42f852	Remove requireProofKey warning for non-auth-code flows The warning is unnecessary since PKCE only applies to authorization_code flow and the code already corrects this silently. Closes: gh-18221 Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>	1 week ago
Josh Cummings	4d9d40ead8	Update validateType JavaDoc Closes gh-18227 Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>	1 week ago
dependabot[bot]	568378268e	Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.13 to 1.14.14. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.13...v1.14.14) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-observation dependency-version: 1.14.14 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	59ffb6f6d1	Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.13 to 1.14.14. - [Release notes](https://github.com/micrometer-metrics/micrometer/releases) - [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.13...v1.14.14) --- updated-dependencies: - dependency-name: io.micrometer:micrometer-observation dependency-version: 1.14.14 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	cf8d6a2ee7	Bump io.mockk:mockk from 1.14.6 to 1.14.7 Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.6 to 1.14.7. - [Release notes](https://github.com/mockk/mockk/releases) - [Commits](https://github.com/mockk/mockk/compare/1.14.6...1.14.7) --- updated-dependencies: - dependency-name: io.mockk:mockk dependency-version: 1.14.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
dependabot[bot]	fd0de94c1b	Bump io.mockk:mockk from 1.14.6 to 1.14.7 Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.6 to 1.14.7. - [Release notes](https://github.com/mockk/mockk/releases) - [Commits](https://github.com/mockk/mockk/compare/1.14.6...1.14.7) --- updated-dependencies: - dependency-name: io.mockk:mockk dependency-version: 1.14.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	1 week ago
Joe Grandja	29b9dc6f04	Register runtime hints for authorization server Issue gh-18251	2 weeks ago
kucoll	10edc14d7e	Fix typo in AnnotationTemplateExpressionDefaults The AnnotationTemplateExpressionDeafults was wrong，and right is AnnotationTemplateExpressionDefaults Signed-off-by: kucoll <kucoll@163.com>	2 weeks ago
kucoll	7503d8018d	Fix typo in AnnotationTemplateExpressionDefaults The AnnotationTemplateExpressionDeafults was wrong，and right is AnnotationTemplateExpressionDefaults Signed-off-by: kucoll <kucoll@163.com>	2 weeks ago
Joe Grandja	c53e66a217	OAuth2AuthorizationEndpointFilter is applied after AuthorizationFilter Closes gh-18251	2 weeks ago
Soumik Sarker	244b5a16be	Added test scope for NPE in RequestMethod Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>	2 weeks ago
Guillaume Husta	1ce73dd45a	docs: Fix example in Custom DSLs for http.csrf() It should use lambda dsl to compile Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>	2 weeks ago
Guillaume Husta	bb7fcb27ef	docs: Fix example in MyCustomDsl to remove throws Exception In `init` and `configure`, throws Exception has been removed in the super interface `SecurityConfigurer`, since Spring Security 7.0. This change is the consequence of https://github.com/spring-projects/spring-security/issues/17957 Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>	2 weeks ago

1 2 3 4 5 ...

19914 Commits (main) All Branches Search

19914 Commits (main)

All Branches