Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,800 Commits 54 Branches 379 Tags
5c6696ceabe9e2d7ca7929c4718c21238583c797
Commit Graph

566 Commits

Author SHA1 Message Date
Joe Grandja 073fc9874b Revert snapshots to Spring Framework 7.0.+ 
Closes gh-19024
 2026-04-02 15:52:23 -04:00
dependabot[bot] 826f5d6d72 Bump spring-io/spring-gradle-build-action from 2.0.5 to 2.0.6 
Bumps [spring-io/spring-gradle-build-action](https://github.com/spring-io/spring-gradle-build-action) from 2.0.5 to 2.0.6.
- [Release notes](https://github.com/spring-io/spring-gradle-build-action/releases)
- [Commits](https://github.com/spring-io/spring-gradle-build-action/compare/efc55f07f4dfa22f2afd97f9ea1be4212eeed737...c8668747d7c264864c8c7f7026d0d277d14a78dc)

---
updated-dependencies:
- dependency-name: spring-io/spring-gradle-build-action
  dependency-version: 2.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-27 00:46:59 +00:00
Josh Cummings 608b36bb1d Add docs-build to Dependabot Auto-Merge 
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-25 14:45:37 -06:00
dependabot[bot] 399ef5b663 Bump spring-io/spring-security-release-tools from 1.0.14 to 1.0.15 
Bumps [spring-io/spring-security-release-tools](https://github.com/spring-io/spring-security-release-tools) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.14...b92832ecbc7cbe969201e6beafbde0ee400cf095)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools
  dependency-version: 1.0.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 00:58:59 +00:00
dependabot[bot] 7a0a29b800 Bump spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/729fed56d42122f88583aff1be35c0800b7d77e9...b92832ecbc7cbe969201e6beafbde0ee400cf095)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml
  dependency-version: 1.0.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 00:46:34 +00:00
dependabot[bot] 9dfbd681ab Bump spring-io/spring-security-release-tools/.github/workflows/perform-release.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/perform-release.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.14...b92832ecbc7cbe969201e6beafbde0ee400cf095)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
  dependency-version: 1.0.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 00:45:50 +00:00
dependabot[bot] 4e53ebb75b Bump spring-io/spring-security-release-tools/.github/workflows/test.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/test.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.14 to 1.0.15.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/729fed56d42122f88583aff1be35c0800b7d77e9...b92832ecbc7cbe969201e6beafbde0ee400cf095)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/test.yml
  dependency-version: 1.0.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 00:45:47 +00:00
Josh Cummings 82e5b88947 Merge branch '7.0.x' 2026-03-16 11:43:35 -06:00
Josh Cummings a2c0ac112b Update to spring-security-release-tools 1.0.15 
Closes gh-18909

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-16 11:43:19 -06:00
Josh Cummings 732afc3e17 Merge branch '7.0.x' 2026-03-16 10:49:35 -06:00
Josh Cummings ea6e7ab78f Merge branch '6.5.x' into 7.0.x 2026-03-16 10:49:23 -06:00
Josh Cummings 01ff3b086a Add Workflow for Deferring Issues 
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-16 10:49:07 -06:00
dependabot[bot] f12036db05 Bump actions/upload-artifact from 6.0.0 to 7.0.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-03 18:16:39 -07:00
dependabot[bot] fbd9880a33 Bump actions/upload-artifact from 6.0.0 to 7.0.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-03 17:48:29 -07:00
Josh Cummings e7bf4b561c Ignore nullability plugin for 7.0.x 
Since later versions of the nullability plugin require JDK 25,
this commit ignores the dependency on 7.0.x, which builds on
JDK 17

Closes gh-18831

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-03-03 17:37:46 -07:00
dependabot[bot] 18995c89ee Bump actions/upload-artifact from 6.0.0 to 7.0.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-27 00:45:15 +00:00
dependabot[bot] 1fdfd45782 Bump spring-io/spring-security-release-tools/.github/workflows/test.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/test.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/7d42d82298553f123a9dad622e0eac725aaf52ef...729fed56d42122f88583aff1be35c0800b7d77e9)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/test.yml
  dependency-version: 1.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-20 09:42:07 -06:00
Stefano Cordio 3cc707621f Prevent execution of scheduled GitHub Actions on forks 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-02-19 14:41:12 -06:00
Josh Cummings e5906d97ea Remove Typo in Java Version Declaration 
Issue gh-18512

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-13 10:04:03 -07:00
dependabot[bot] 9d3e217b79 Bump spring-io/spring-security-release-tools from 1.0.13 to 1.0.14 
Bumps [spring-io/spring-security-release-tools](https://github.com/spring-io/spring-security-release-tools) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools
  dependency-version: 1.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-13 00:49:00 +00:00
dependabot[bot] 7bbfc09f49 Bump spring-io/spring-security-release-tools/.github/workflows/perform-release.yml 
Bumps [spring-io/spring-security-release-tools/.github/workflows/perform-release.yml](https://github.com/spring-io/spring-security-release-tools) from 1.0.13 to 1.0.14.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Changelog](https://github.com/spring-io/spring-security-release-tools/blob/main/RELEASE.adoc)
- [Commits](https://github.com/spring-io/spring-security-release-tools/compare/v1.0.13...729fed56d42122f88583aff1be35c0800b7d77e9)

---
updated-dependencies:
- dependency-name: spring-io/spring-security-release-tools/.github/workflows/perform-release.yml
  dependency-version: 1.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-13 00:47:48 +00:00
Josh Cummings 25aec8c5e0 Update Release Steps to JDK 25 
Issue gh-18512

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-12 10:29:43 -07:00
Josh Cummings 6eb0af9912 Merge branch '7.0.x' 2026-02-12 10:28:00 -07:00
Josh Cummings 6cbbf6c561 Merge branch '6.5.x' into 7.0.x 2026-02-12 10:27:46 -07:00
Josh Cummings 10cb6f7003 Update spring-security-release-tools 1.0.14 2026-02-12 10:25:47 -07:00
Josh Cummings 7fdff6a907 Use spring-github-workflows Auto-Merge 2026-02-12 10:21:32 -07:00
Josh Cummings b88ddc8d0d Enable Dependabot Auto-Merge on Main 
Closes gh-18712

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-10 09:56:02 -07:00
dependabot[bot] fa7c6ea583 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:57 -06:00
Robert Winch fa10e74d76 Consistent Dependabot Configuration Across Supported Branches 
- Ensure 'type: dependency-upgrade'
- Ensure that every ecosystem is ran on all supported branches
- Consistent ordering per branch (allows adding/removing branches easier)
 2026-02-06 11:50:46 -06:00
dependabot[bot] 29ed4dd724 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 17:25:46 -07:00
Josh Cummings 447e76bd06 Update to actions/checkout 6.0.2 2026-02-05 16:57:30 -07:00
dependabot[bot] 20663e2849 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:46:14 +00:00
Josh Cummings eeb080a191 Remove Branch Ecosystem Declarations 
These may have been added in error. Removing until it's clear
if they are needed

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 16:45:16 -07:00
Josh Cummings b8c6b9fbff Add directory attribute 
Issue gh-18648
 2026-02-05 16:37:27 -07:00
Josh Cummings 3cf0a1ccb7 Use Dependabot for GitHub Actions 
Closes gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:42 -07:00
Josh Cummings c2f0f7b6ab Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 14:47:16 -07:00
Josh Cummings 8cd2f36e84 Merge branch '7.0.x' 2026-02-05 14:45:09 -07:00
Josh Cummings 41e7af70b5 Merge branch '6.5.x' into 7.0.x 2026-02-05 13:46:21 -07:00
Josh Cummings 46a9514420 Update to setup-gradle 5.0.1 
note that gradle/gradle-build-action is superceded by
setup-gradle.

Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:02 -07:00
Josh Cummings 8432df498e Update upload-artifact to 6.0.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:00 -07:00
Josh Cummings 63162eb5f1 Update to setup-java 5.2.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:56 -07:00
Josh Cummings 5c3b8c513b Update spring-gradle-build-action to 2.0.5 
Issue gh-18648
 2026-02-05 13:43:11 -07:00
Josh Cummings d276c943fc Update actions/checkout to 6.0.2 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:06 -07:00
Josh Cummings 18d9dd77ec Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:42:22 -07:00
Robert Winch a8ca5b7d42 Remove 6.4.x from antora ui updates 
6.4.x is no longer supported
 2026-01-16 15:16:34 -06:00
Robert Winch afa5804170 Remove 6.4.x dependabot 
6.4.x is no longer has OSS support
 2026-01-16 15:15:37 -06:00
Robert Winch 577d294fdc Remove milestone repository 
Spring uses central for milestones now
 2026-01-16 15:06:23 -06:00
Robert Winch 048b6bdd88 Update to JDK 25 (release = 17) 
This commit updates the build to use JDK 25 while remaining compatable with JDK 17.

Note that we must update our JAAS related tests to use release=25 due to the disabling of
the Security Manager. See
https://docs.oracle.com/en/java/javase/25/security/security-manager-is-permanently-disabled.html

Closes gh-18512
 2026-01-16 11:25:59 -06:00
Robert Winch 43fe5f6b46 Fix update-antora-ui-spring.yml 2026-01-12 14:37:34 -06:00
Robert Winch 63c99b9438 Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3.
 2026-01-12 14:31:57 -06:00