Skip to content

Upgrade Spring Security 6.3.1 -> 6.3.3 #1303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 26, 2024
Merged

Upgrade Spring Security 6.3.1 -> 6.3.3 #1303

merged 1 commit into from
Aug 26, 2024

Conversation

Picnic-DevPla-Bot
Copy link
Contributor

@Picnic-DevPla-Bot Picnic-DevPla-Bot commented Aug 21, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
Spring Security (source) import patch 6.3.1 -> 6.3.3

Release Notes

spring-projects/spring-security (Spring Security)

v6.3.3

Compare Source

🪲 Bug Fixes

  • ObservationRegistry is never post-processed #​15658

🔨 Dependency Upgrades

  • Bump org-eclipse-jetty from 11.0.22 to 11.0.23 #​15664

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

v6.3.2

Compare Source

⭐ New Features

  • ActiveDirectoryLdapAuthenticationProvider does not implement support for multiple urls #​15495
  • Document the role of CredentialsContainer #​15321
  • OIDC Backchannel Logout should allow logout tokens having typ header of logout+jwt #​15410

🪲 Bug Fixes

  • A broken link in Spring Security reference #​15297
  • Documentation for ServletBearerExchangeFilterFunction incomplete or incorrect #​15460
  • EnableMethodSecurity should publish only one bean of each AuthorizationAdvisor #​15592
  • Fix Compromised Password Checker Docs Sample Not Working #​15305
  • Fix for #​15172 introduces significant performance degredation #​15324
  • Pre/PostAuthorize should not ignore HandleAuthorizationDenied#handlerClass when ApplicationContext is not provided #​15535
  • Update prerequisites documentation with Java 17 #​15340
  • Use Correct Meta-Annotation in Kotlin Sample #​15472
  • Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' #​15440

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 #​15619
  • Bump com.fasterxml.jackson:jackson-bom from 2.17.1 to 2.17.2 #​15374
  • Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 #​15373
  • Bump io.micrometer:micrometer-observation from 1.12.7 to 1.12.8 #​15383
  • Bump io.micrometer:micrometer-observation from 1.12.8 to 1.12.9 #​15581
  • Bump io.mockk:mockk from 1.13.11 to 1.13.12 #​15430
  • Bump io.projectreactor:reactor-bom from 2023.0.7 to 2023.0.8 #​15388
  • Bump io.projectreactor:reactor-bom from 2023.0.8 to 2023.0.9 #​15597
  • Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 #​15582
  • Bump org-apache-maven-resolver from 1.9.20 to 1.9.21 #​15372
  • Bump org-apache-maven-resolver from 1.9.21 to 1.9.22 #​15545
  • Bump org-eclipse-jetty from 11.0.21 to 11.0.22 #​15356
  • Bump org.apache.maven:maven-resolver-provider from 3.9.7 to 3.9.8 #​15268
  • Bump org.apache.maven:maven-resolver-provider from 3.9.8 to 3.9.9 #​15642
  • Bump org.gretty:gretty from 4.1.4 to 4.1.5 #​15431
  • Bump org.hibernate.orm:hibernate-core from 6.4.9.Final to 6.4.10.Final #​15530
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.24 to 1.9.25 #​15456
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.24 to 1.9.25 #​15455
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.19 to 4.33.20 #​15267
  • Bump org.junit:junit-bom from 5.10.2 to 5.10.3 #​15315
  • Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 #​15336
  • Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.14 #​15529
  • Bump org.slf4j:slf4j-api from 2.0.14 to 2.0.15 #​15546
  • Bump org.slf4j:slf4j-api from 2.0.15 to 2.0.16 #​15571
  • Bump org.springframework.data:spring-data-bom from 2024.0.1 to 2024.0.2 #​15421
  • Bump org.springframework.data:spring-data-bom from 2024.0.2 to 2024.0.3 #​15643
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.4 to 3.2.6 #​15620
  • Bump org.springframework:spring-framework-bom from 6.1.10 to 6.1.11 #​15402
  • Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 #​15613
  • Bump org.springframework:spring-framework-bom from 6.1.9 to 6.1.10 #​15279

🔩 Build Updates

  • Automate check of expected branch version #​15310
  • Bump @antora/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs #​15449
  • Bump @antora/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs #​15482
  • Bump @antora/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs #​15560
  • Bump @antora/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs #​15637
  • Bump @springio/antora-extensions from 1.11.1 to 1.12.0 in /docs #​15418
  • Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs #​15517
  • Bump @springio/antora-extensions from 1.13.0 to 1.13.1 in /docs #​15561
  • Bump @springio/antora-extensions from 1.13.1 to 1.14.2 in /docs #​15636
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs #​15419
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs #​15515
  • Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs #​15329
  • Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs #​15480
  • Bump com.gradle.develocity from 3.17.5 to 3.17.6 #​15464
  • Bump io-spring-javaformat from 0.0.42 to 0.0.43 #​15650
  • Fix typos and formatting in documentation #​15380
  • Migrate slack notifications to GChat #​15505
  • Use explicit types instead of var #​15537

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Kehrlann, @​dependabot[bot], and @​tahakorkem

  • If you want to rebase/retry this PR, check this box

@Picnic-DevPla-Bot
Copy link
Contributor Author

Picnic-DevPla-Bot commented Aug 21, 2024
edited by Stephan202
Loading

Suggested commit message:

Upgrade Spring Security 6.3.1 -> 6.3.3 (#1303)

See:
- https://github.com/spring-projects/spring-security/releases/tag/6.3.2
- https://github.com/spring-projects/spring-security/releases/tag/6.3.3
- https://github.com/spring-projects/spring-security/compare/6.3.1...6.3.3

@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@Picnic-DevPla-Bot Picnic-DevPla-Bot changed the title Upgrade Spring Security 6.3.1 -> 6.3.2 Upgrade Spring Security 6.3.1 -> 6.3.3 Aug 23, 2024
@Picnic-DevPla-Bot Picnic-DevPla-Bot force-pushed the renovate/spring-security-6.x branch from a1860d3 to 14414d8 Compare August 23, 2024 01:02
@Stephan202 Stephan202 added this to the 0.19.0 milestone Aug 23, 2024
@Picnic-DevPla-Bot Picnic-DevPla-Bot force-pushed the renovate/spring-security-6.x branch from 14414d8 to f17c3bb Compare August 24, 2024 01:09
@rickie rickie force-pushed the renovate/spring-security-6.x branch from f17c3bb to d58b1f6 Compare August 26, 2024 09:35
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@rickie rickie merged commit 0821a95 into master Aug 26, 2024
@rickie rickie deleted the renovate/spring-security-6.x branch August 26, 2024 10:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Stephan202 Stephan202 Stephan202 approved these changes

@rickie rickie rickie approved these changes

Assignees

No one assigned

Labels

dependencies

Milestone

0.19.0

Development

Successfully merging this pull request may close these issues.

3 participants

@Picnic-DevPla-Bot @Stephan202 @rickie