Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
19,977 Commits 54 Branches 379 Tags
63c99b94380b02ef6bd563fde835bca8ed06d201
Commit Graph

19977 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrey Litvitski 0d5f42f852 Remove requireProofKey warning for non-auth-code flows 
The warning is unnecessary since PKCE only applies to authorization_code
flow and the code already corrects this silently.

Closes: gh-18221

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2025-12-09 15:29:00 -05:00
Josh Cummings 4d9d40ead8 Update validateType JavaDoc 
Closes gh-18227

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2025-12-09 09:07:30 -07:00
dependabot[bot] 568378268e Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.13 to 1.14.14.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.13...v1.14.14)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-09 03:14:47 +00:00
dependabot[bot] 59ffb6f6d1 Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 
Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.13 to 1.14.14.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](https://github.com/micrometer-metrics/micrometer/compare/v1.14.13...v1.14.14)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-09 03:07:04 +00:00
dependabot[bot] cf8d6a2ee7 Bump io.mockk:mockk from 1.14.6 to 1.14.7 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.6...1.14.7)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 03:18:00 +00:00
dependabot[bot] fd0de94c1b Bump io.mockk:mockk from 1.14.6 to 1.14.7 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.6...1.14.7)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-08 03:09:21 +00:00
Joe Grandja 29b9dc6f04 Register runtime hints for authorization server 
Issue gh-18251
 2025-12-04 15:30:39 -05:00
kucoll 10edc14d7e Fix typo in AnnotationTemplateExpressionDefaults 
The AnnotationTemplateExpressionDeafults was wrong,and right is  AnnotationTemplateExpressionDefaults

Signed-off-by: kucoll <kucoll@163.com>
 2025-12-02 17:26:34 -06:00
kucoll 7503d8018d Fix typo in AnnotationTemplateExpressionDefaults 
The AnnotationTemplateExpressionDeafults was wrong,and right is  AnnotationTemplateExpressionDefaults

Signed-off-by: kucoll <kucoll@163.com>
 2025-12-02 17:22:12 -06:00
Joe Grandja c53e66a217 OAuth2AuthorizationEndpointFilter is applied after AuthorizationFilter 
Closes gh-18251
 2025-12-02 08:49:49 -05:00
Soumik Sarker 244b5a16be Added test scope for NPE in RequestMethod 
Signed-off-by: Soumik Sarker <ronodhirsoumik@gmail.com>
 2025-12-01 18:06:42 -06:00
Guillaume Husta 1ce73dd45a docs: Fix example in Custom DSLs for http.csrf() 
It should use lambda dsl to compile

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2025-12-01 18:02:41 -06:00
Guillaume Husta bb7fcb27ef docs: Fix example in MyCustomDsl to remove throws Exception 
In `init` and `configure`, throws Exception has been removed in the super interface `SecurityConfigurer`, since Spring Security 7.0.
This change is the consequence of https://github.com/spring-projects/spring-security/issues/17957

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2025-12-01 17:59:07 -06:00
sach429 19cbd9c570 Update OAuth2 Client to OAuth2 Resource Server 
Fix section title to match the corresponding example

Signed-off-by: sach429 <satrajit.acharya@gmail.com>
 2025-12-01 17:42:28 -06:00
dependabot[bot] a20724d30b Bump tools.jackson:jackson-bom from 3.0.2 to 3.0.3 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.2 to 3.0.3.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.2...jackson-bom-3.0.3)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 17:30:13 -06:00
dependabot[bot] 3ca59af04f Bump com.fasterxml.jackson:jackson-bom from 2.20.0 to 2.20.1 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.0 to 2.20.1.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.0...jackson-bom-2.20.1)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 17:19:27 -06:00
L33gn21 b37c5584f9 Fix broken link to Spring Boot docs 
Signed-off-by: L33gn21 <l33gn21@gmail.com>
 2025-12-01 16:52:43 -06:00
dependabot[bot] 09e80aafe8 Bump antora from 3.2.0-alpha.10 to 3.2.0-alpha.11 in /docs 
Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.10 to 3.2.0-alpha.11.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.10...v3.2.0-alpha.11)

---
updated-dependencies:
- dependency-name: antora
  dependency-version: 3.2.0-alpha.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 14:55:39 -06:00
Rob Winch 43ca71d7b8 Remove 6.3.x from dependabot 
6.3.x is no longer supported in OSS

Signed-off-by: Rob Winch <362503+rwinch@users.noreply.github.com>
 2025-12-01 14:55:16 -06:00
Rob Winch 3ecd4f3fde Bump org.springframework:spring-framework-bom from 7.0.0 to 7.0.1 2025-12-01 14:39:26 -06:00
Rob Winch 6cd43d38d5 Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 2025-12-01 14:39:24 -06:00
Rob Winch 3fbe972323 Bump org.apache.kerby:kerb-simplekdc from 2.1.0 to 2.1.1 2025-12-01 14:39:22 -06:00
dependabot[bot] e582691996 Bump tools.jackson:jackson-bom from 3.0.1 to 3.0.2 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.1 to 3.0.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.1...jackson-bom-3.0.2)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 14:38:46 -06:00
Rob Winch 0288b5e345 Merge branch '6.5.x' 2025-12-01 14:36:54 -06:00
Rob Winch 1cf75e710e Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final 2025-12-01 14:36:28 -06:00
Rob Winch 2e55e0cdb3 Merge branch '6.4.x' into 6.5.x 2025-12-01 14:36:17 -06:00
dependabot[bot] e010d5e689 Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.36.Final to 6.6.38.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.38/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.36...6.6.38)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.38.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 03:35:03 +00:00
dependabot[bot] d3a55291bc Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.36.Final to 6.6.38.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.38/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.36...6.6.38)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.38.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 03:26:20 +00:00
dependabot[bot] c241ec5f03 Bump org.apache.kerby:kerb-simplekdc from 2.1.0 to 2.1.1 
Bumps org.apache.kerby:kerb-simplekdc from 2.1.0 to 2.1.1.

---
updated-dependencies:
- dependency-name: org.apache.kerby:kerb-simplekdc
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 03:15:27 +00:00
dependabot[bot] 8d799c3c6e Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.20 to 1.5.21.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.20...v_1.5.21)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 03:15:02 +00:00
dependabot[bot] 9aa729f89a Bump org.springframework:spring-framework-bom from 7.0.0 to 7.0.1 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/compare/v7.0.0...v7.0.1)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-24 03:14:22 +00:00
Rob Winch 9126aaf19b Merge branch '6.5.x' 2025-11-21 10:36:55 -06:00
Rob Winch eb5f9e0305 Merge branch '6.4.x' into 6.5.x 2025-11-21 10:36:43 -06:00
Peter Potrowl d84d0ca22e Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:33:48 -06:00
Peter Potrowl f1793f5047 Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:33:48 -06:00
Peter Potrowl 4b227649f0 Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:28:47 -06:00
Peter Potrowl cfc27f8cc3 Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:28:47 -06:00
dependabot[bot] 2f583fc15f Bump js-yaml from 4.1.0 to 4.1.1 in /javascript 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-21 10:27:09 -06:00
Rob Winch e584196c1d Fix typos in documentation depenendencies->dependencies 
Closes gh-18197
 2025-11-21 10:17:49 -06:00
Peter Potrowl 5baff27ffb Fix typo in ldap.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:12:20 -06:00
Peter Potrowl 39aaf25b60 Fix typo in passkeys.adoc 
Signed-off-by: Peter Potrowl <peter.potrowl@gmail.com>
 2025-11-21 10:12:20 -06:00
Rob Winch 4327de8667 Bump org-aspectj from 1.9.24 to 1.9.25 2025-11-21 09:57:17 -06:00
Rob Winch 0a7ff3a18a Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.13 2025-11-21 09:57:15 -06:00
Rob Winch f77c78b04a Bump org.junit:junit-bom from 6.0.0 to 6.0.1 2025-11-21 09:57:13 -06:00
Rob Winch 074c1c038f Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 2025-11-21 09:57:10 -06:00
Rob Winch 7abfcd3963 Merge branch '6.5.x' 2025-11-21 09:57:00 -06:00
Rob Winch 86d630265c Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 2025-11-21 09:56:32 -06:00
Rob Winch 7b78b0c723 Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final 2025-11-21 09:56:30 -06:00
Rob Winch e6a4ee03ff Bump org.springframework:spring-framework-bom from 6.2.13 to 6.2.14 2025-11-21 09:56:29 -06:00
Rob Winch 5cd3f535cf Merge branch '6.4.x' into 6.5.x 2025-11-21 09:56:08 -06:00