f52f097a4d
Bump ch.qos.logback:logback-classic from 1.5.31 to 1.5.32
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.31 to 1.5.32.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.31...v_1.5.32 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.32
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
1cd145d026
Bump org-apache-maven-resolver from 1.9.25 to 1.9.26
...
Bumps `org-apache-maven-resolver` from 1.9.25 to 1.9.26.
Updates `org.apache.maven.resolver:maven-resolver-connector-basic` from 1.9.25 to 1.9.26
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.25...maven-resolver-1.9.26 )
Updates `org.apache.maven.resolver:maven-resolver-impl` from 1.9.25 to 1.9.26
- [Release notes](https://github.com/apache/maven-resolver/releases )
- [Commits](https://github.com/apache/maven-resolver/compare/maven-resolver-1.9.25...maven-resolver-1.9.26 )
Updates `org.apache.maven.resolver:maven-resolver-transport-http` from 1.9.25 to 1.9.26
---
updated-dependencies:
- dependency-name: org.apache.maven.resolver:maven-resolver-connector-basic
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-impl
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.apache.maven.resolver:maven-resolver-transport-http
dependency-version: 1.9.26
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
4aa9ff99f5
Bump org.junit:junit-bom from 6.0.2 to 6.0.3
...
Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/junit-team/junit-framework/releases )
- [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3 )
---
updated-dependencies:
- dependency-name: org.junit:junit-bom
dependency-version: 6.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
9b978ae70b
Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.31
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.29 to 1.5.31.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.29...v_1.5.31 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.31
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
73dff1f8a3
Next development version
1 month ago
e5906d97ea
Remove Typo in Java Version Declaration
...
Issue gh-18512
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
928ad9600c
Release 7.1.0-M2
1 month ago
f9b2c86e1d
Bump org.springframework.data:spring-data-bom from 2025.1.2 to 2025.1.3
...
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom ) from 2025.1.2 to 2025.1.3.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases )
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.2...2025.1.3 )
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
dependency-version: 2025.1.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
d77e48f9ef
Bump org.springframework.ldap:spring-ldap-core from 4.0.1 to 4.0.2
...
Bumps [org.springframework.ldap:spring-ldap-core](https://github.com/spring-projects/spring-ldap ) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/spring-projects/spring-ldap/releases )
- [Changelog](https://github.com/spring-projects/spring-ldap/blob/main/changelog.txt )
- [Commits](https://github.com/spring-projects/spring-ldap/compare/4.0.1...4.0.2 )
---
updated-dependencies:
- dependency-name: org.springframework.ldap:spring-ldap-core
dependency-version: 4.0.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
25da472d67
Bump org.springframework:spring-framework-bom from 7.0.3 to 7.0.4
...
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework ) from 7.0.3 to 7.0.4.
- [Release notes](https://github.com/spring-projects/spring-framework/releases )
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.3...v7.0.4 )
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
dependency-version: 7.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
9d3e217b79
Bump spring-io/spring-security-release-tools from 1.0.13 to 1.0.14
...
Bumps [spring-io/spring-security-release-tools](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9 )
---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
7bbfc09f49
Bump spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
...
Bumps [spring-io/spring-security-release-tools/.github/workflows/perform-release.yml](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9 )
---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
85e2d9298b
Merge remote-tracking branch 'origin/7.0.x'
1 month ago
b804da974d
Update Test to Align with webauthn4j
...
The latest webauthn4j exposes Jackson 3 instead of Jackson 2,
as such this test now uses Jackson 3 where needed.
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
b9bb5e0b52
Bump com.webauthn4j:webauthn4j-core
...
Bumps [com.webauthn4j:webauthn4j-core](https://github.com/webauthn4j/webauthn4j ) from 0.29.7.RELEASE to 0.31.0.RELEASE.
- [Release notes](https://github.com/webauthn4j/webauthn4j/releases )
- [Commits](https://github.com/webauthn4j/webauthn4j/compare/0.29.7.RELEASE...0.31.0.RELEASE )
---
updated-dependencies:
- dependency-name: com.webauthn4j:webauthn4j-core
dependency-version: 0.31.0.RELEASE
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
4fd8e1d596
Remove Trailing Bytes from AttestationStatement
...
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
c59fb0cd35
Add Jackson 2 Databind as Optional Dependency
...
Since spring-security-webauthn has Jackson 2 Mixins, it would
be clearer to set Jackson 2 explicitly as an optional dependency
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
bc6ce0d346
Merge branch '7.0.x'
1 month ago
50aba3aaf3
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...v1.0.14 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
25aec8c5e0
Update Release Steps to JDK 25
...
Issue gh-18512
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
6eb0af9912
Merge branch '7.0.x'
1 month ago
6cbbf6c561
Merge branch '6.5.x' into 7.0.x
1 month ago
10cb6f7003
Update spring-security-release-tools 1.0.14
1 month ago
7fdff6a907
Use spring-github-workflows Auto-Merge
1 month ago
117af3bc2b
Merge pull request #18723 from spring-projects/dependabot/gradle/main/io.spring.gradle-spring-security-release-plugin-1.0.14
...
Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.14
1 month ago
c7f781423f
Bump io.spring.gradle:spring-security-release-plugin
...
Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools ) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases )
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc )
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...v1.0.14 )
---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
dependency-version: 1.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
fb2f0d5c38
Merge pull request #18715 from spring-projects/dependabot/gradle/main/io.projectreactor-reactor-bom-2025.0.3
...
Bump io.projectreactor:reactor-bom from 2025.0.2 to 2025.0.3
1 month ago
10b9cc8c2b
Merge pull request #18713 from spring-projects/dependabot/gradle/main/io.micrometer-micrometer-observation-1.16.3
...
Bump io.micrometer:micrometer-observation from 1.16.2 to 1.16.3
1 month ago
5240878272
Merge pull request #18714 from spring-projects/dependabot/gradle/main/ch.qos.logback-logback-classic-1.5.29
...
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
1 month ago
ba4bd61c5b
Bump io.projectreactor:reactor-bom from 2025.0.2 to 2025.0.3
...
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor ) from 2025.0.2 to 2025.0.3.
- [Release notes](https://github.com/reactor/reactor/releases )
- [Commits](https://github.com/reactor/reactor/compare/2025.0.2...2025.0.3 )
---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
dependency-version: 2025.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
c25ec70374
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.28 to 1.5.29.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.28...v_1.5.29 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.29
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
8e1e0ca9d2
Bump io.micrometer:micrometer-observation from 1.16.2 to 1.16.3
...
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer ) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases )
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.16.2...v1.16.3 )
---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
dependency-version: 1.16.3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
705fa60a01
Document Method Security hasScope Support
...
Issue gh-18013
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
f2b7cb2de5
Support hasScope in Method Security
...
Closes gh-18013
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
1 month ago
8652950fb2
Fix typos in contributing guide Tidy up wording in CONTRIBUTING.adoc to improve readability.
...
Signed-off-by: coehgns <modooboiroo@gmail.com>
1 month ago
07ba3e623f
Merge branch '7.0.x'
1 month ago
252c69460e
Merge remote-tracking branch 'origin/6.5.x' into 7.0.x
1 month ago
3131642aae
Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4
...
Bumps [io.micrometer:context-propagation](https://github.com/micrometer-metrics/context-propagation ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/micrometer-metrics/context-propagation/releases )
- [Commits](https://github.com/micrometer-metrics/context-propagation/compare/v1.1.3...v1.1.4 )
---
updated-dependencies:
- dependency-name: io.micrometer:context-propagation
dependency-version: 1.1.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
552d8d1d29
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.28 to 1.5.29.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.28...v_1.5.29 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.29
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
f240f29433
Bump gradle-wrapper from 8.14 to 8.14.4
...
Bumps gradle-wrapper from 8.14 to 8.14.4.
---
updated-dependencies:
- dependency-name: gradle-wrapper
dependency-version: 8.14.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
f91b5f33fc
Merge pull request #18701 from spring-projects/dependabot/gradle/main/com.nimbusds-oauth2-oidc-sdk-11.33
...
Bump com.nimbusds:oauth2-oidc-sdk from 11.26.1 to 11.33
1 month ago
095cc3bf74
Merge remote-tracking branch 'origin/7.0.x'
1 month ago
06caf327c1
Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5
...
Bumps [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api ) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/jakartaee/jaxb-api/releases )
- [Commits](https://github.com/jakartaee/jaxb-api/compare/4.0.4...4.0.5 )
---
updated-dependencies:
- dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
dependency-version: 4.0.5
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
4cc6687916
Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4
...
Bumps [io.micrometer:context-propagation](https://github.com/micrometer-metrics/context-propagation ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/micrometer-metrics/context-propagation/releases )
- [Commits](https://github.com/micrometer-metrics/context-propagation/compare/v1.1.3...v1.1.4 )
---
updated-dependencies:
- dependency-name: io.micrometer:context-propagation
dependency-version: 1.1.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
108dc5996b
Bump gradle-wrapper from 8.14 to 8.14.4
...
Bumps gradle-wrapper from 8.14 to 8.14.4.
---
updated-dependencies:
- dependency-name: gradle-wrapper
dependency-version: 8.14.4
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
8c3453dfd2
Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.28 to 1.5.29.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.28...v_1.5.29 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.29
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
5418ab2081
Update nimbus-jose-jwt from 10.4 to 10.6
...
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
e8e4110334
Wrap RuntimeException in fromOidcConfiguration
...
This commit makes so that fromOidcConfiguration throws the same exception
caused by chain as other configuration methods. Specifically, if parsing
throws a RuntimeException, this method will now wrap it in an
IllegalArgumentException as other configuration methods do.
This makes specific sense here since the RuntimeException is almost certainly
caused by a malformed configuration set handed in as a method parameter.
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
1 month ago
92fd945b02
Bump org.hibernate.orm:hibernate-core from 7.2.3.Final to 7.2.4.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 7.2.3.Final to 7.2.4.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.2.4/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/7.2.3...7.2.4 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 7.2.4.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
d0b0b5a252
Bump gradle-wrapper from 9.2.1 to 9.3.1
...
Bumps gradle-wrapper from 9.2.1 to 9.3.1.
---
updated-dependencies:
- dependency-name: gradle-wrapper
dependency-version: 9.3.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
1 month ago
dependabot[bot]
Joe Grandja
Josh Cummings
github-actions[bot]
github-actions[bot]
Tran Ngoc Nhan
coehgns