Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,030 Commits 54 Branches 379 Tags
8746ef746c86feee53451ba11fde93f6f776e2ca
Commit Graph

20030 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Winch 8746ef746c Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 2026-01-16 15:19:56 -06:00
Robert Winch e72c39cabc Merge branch '7.0.x' 2026-01-16 15:19:42 -06:00
Robert Winch bd3441caac Merge branch '6.5.x' into 7.0.x 2026-01-16 15:18:39 -06:00
Robert Winch 8879aa83a3 Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 2026-01-16 15:17:34 -06:00
Robert Winch a8ca5b7d42 Remove 6.4.x from antora ui updates 
6.4.x is no longer supported
 2026-01-16 15:16:34 -06:00
Robert Winch afa5804170 Remove 6.4.x dependabot 
6.4.x is no longer has OSS support
 2026-01-16 15:15:37 -06:00
dependabot[bot] 15dd96bddb Bump io.spring.nullability:io.spring.nullability.gradle.plugin 
Bumps [io.spring.nullability:io.spring.nullability.gradle.plugin](https://github.com/spring-gradle-plugins/nullability-plugin) from 0.0.6 to 0.0.9.
- [Release notes](https://github.com/spring-gradle-plugins/nullability-plugin/releases)
- [Commits](https://github.com/spring-gradle-plugins/nullability-plugin/compare/v0.0.6...v0.0.9)

---
updated-dependencies:
- dependency-name: io.spring.nullability:io.spring.nullability.gradle.plugin
  dependency-version: 0.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-16 15:10:17 -06:00
Robert Winch 6b2e0444dd Bump org.springframework:spring-framework-bom from 7.0.3-SNAPSHOT to 7.0.3 
Closes gh-18515
 2026-01-16 15:08:15 -06:00
Robert Winch 577d294fdc Remove milestone repository 
Spring uses central for milestones now
 2026-01-16 15:06:23 -06:00
Robert Winch 0993e5735e Add missing @NullMarked 
Closes gh-18514
 2026-01-16 14:53:16 -06:00
Robert Winch 048b6bdd88 Update to JDK 25 (release = 17) 
This commit updates the build to use JDK 25 while remaining compatable with JDK 17.

Note that we must update our JAAS related tests to use release=25 due to the disabling of
the Security Manager. See
https://docs.oracle.com/en/java/javase/25/security/security-manager-is-permanently-disabled.html

Closes gh-18512
 2026-01-16 11:25:59 -06:00
Robert Winch 6e9b4f86a4 Fix nullability for JDK 25 
Closes gh-18511
 2026-01-16 10:53:19 -06:00
Robert Winch 38b66e8407 Update to Gradle 9.2.1 
Closes gh-18510
 2026-01-16 10:48:28 -06:00
Robert Winch 9e5b3d9ea1 Update to Kotlin 2.3.0 
Closes gh-18509
 2026-01-16 10:46:58 -06:00
Robert Winch 7563932106 Update jococo 0.8.14 
Closes gh-18508
 2026-01-16 10:46:53 -06:00
Robert Winch 48f958cbbf Fix OAuth2AuthorizationRequestRedirectFilter constructor tests 
OAuth2AuthorizationRequestRedirectFilterTests attempt to validate the constructors throw IllegalArgumentException if an invalid argument is provided, but
they are flawed because it is the relective code that is throwing the IllegalArgumentException due to imprecise type information.

This changes the tests to no longer use unnecessary reflection and casts the types so that the type information is used to target the correct
constructor.

Closes gh-18507
 2026-01-16 10:34:10 -06:00
Josh Cummings 30d6b3a02b Merge branch '7.0.x' 2026-01-15 12:41:29 -07:00
Josh Cummings 1f39a3dd3e Merge branch '6.5.x' into 7.0.x 2026-01-15 12:41:22 -07:00
Josh Cummings 84b124d29d Merge branch '6.4.x' into 6.5.x 2026-01-15 12:41:16 -07:00
songhee fee6a9bb0e docs: add CurrentSecurityContext section and link references 
Signed-off-by: songhee <songhee9327@gmail.com>
 2026-01-15 12:31:58 -07:00
Tran Ngoc Nhan cfe13c7c76 Fix typos 
Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
 2026-01-15 10:52:01 -07:00
Josh Cummings 3336f5f2ec Merge branch '7.0.x' 2026-01-14 14:47:31 -07:00
Josh Cummings d2ed8321b4 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:46:36 -07:00
Guillaume Husta dd1f097131 Add @FunctionalInterface to RequestMatcher 
Add `@FunctionalInterface` to `RequestMatcher`.

According to the documentation, it is a FunctionalInterface.

See: https://docs.spring.io/spring-security/reference/6.5/servlet/authorization/authorize-http-requests.html#match-by-custom

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:45:22 -07:00
Josh Cummings 565896404c Merge branch '7.0.x' 2026-01-14 14:36:12 -07:00
Josh Cummings 7690c284c0 Merge branch '6.5.x' into 7.0.x 2026-01-14 14:35:59 -07:00
Guillaume Husta 508b3f26e3 docs: Typo in page Preparing for 7.0 / Web (version 6.5) 
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
 2026-01-14 14:35:26 -07:00
박기현\qkrrl 91d8a04ec2 Fix duplicated use-authorization-manager in docs 
Signed-off-by: 박기현\qkrrl <qkrrlgus114@naver.com>
 2026-01-14 14:21:38 -07:00
Marcus Hert da Coregio 8254f589b8 Create Jackson Mixin for OneTimeTokenAuthentication 
Closes gh-18095

Signed-off-by: Marcus Hert da Coregio <marcusdacoregio@gmail.com>
 2026-01-14 10:35:02 -07:00
dependabot[bot] f2e674ff77 Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2024.0.13 to 2024.0.14.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2024.0.13...2024.0.14)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2024.0.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-14 03:08:22 +00:00
dependabot[bot] 3f773abf7c Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-14 03:05:35 +00:00
Joe Grandja 92b7c41f2f Ensure Cursor imports Spring Security 
Closes gh-8492
 2026-01-13 17:01:21 -05:00
Bae Jihong 8692185de1 Fix javadoc warnings for spring-security-oauth2-client 
- Fix a javadoc warning
- Apply javadoc-warnings-error plugin

Closes gh-18460

Signed-off-by: Bae Jihong <dasog@naver.com>
 2026-01-13 10:01:13 -06:00
Robert Winch 7ca0f7723e Fix checkstyle 2026-01-12 16:28:22 -06:00
Stefano Cordio a612522ecd Add nullability contract to PasswordEncoder#encode 
Signed-off-by: Stefano Cordio <stefano.cordio@gmail.com>
 2026-01-12 16:28:22 -06:00
Robert Winch fe138d6434 Merge branch '7.0.x' 2026-01-12 16:05:51 -06:00
Robert Winch 7fcbf642b8 Use project.artifactory(Username|Password) 2026-01-12 16:05:38 -06:00
Robert Winch a32d9f04e3 Revert "Use project.artifactory(Username|Password)" 
This reverts commit 9c449000dc.
 2026-01-12 16:04:56 -06:00
Robert Winch 93ae52aa58 Merge branch '7.0.x' 2026-01-12 15:48:57 -06:00
Robert Winch 9c449000dc Use project.artifactory(Username|Password) 2026-01-12 15:48:47 -06:00
Robert Winch 43fe5f6b46 Fix update-antora-ui-spring.yml 2026-01-12 14:37:34 -06:00
Robert Winch f47f81351e Merge branch '7.0.x' 2026-01-12 14:32:23 -06:00
Robert Winch 63c99b9438 Revert "Update to 7.1.0-SNAPSHOT" 
This reverts commit b77ea8d3a3.
 2026-01-12 14:31:57 -06:00
paulvas 0d47870928 Fix: migrate compiler-warnings-error plugin to gradle 
Fixes: gh-18434
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
paulvas da4362111a Fix: Enforce compiler warnings in oauth2-core 
To prevent future compiler warnings from being introduced, this change
applies the `compile-warnings-error` plugin to the
`spring-security-oauth2-core` module.

This ensures that any new warnings will fail the build, maintaining
code quality and preventing warning accumulation.

Fixes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Pavel Vassiliev 1ddccd8a39 Fix spring-security-oauth2-core compiler warnings 
Closes: gh-18434
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: paulvas <paulvas@gmail.com>
 2026-01-12 13:57:57 -06:00
Robert Winch 2825aa3ff1 Merge branch '7.0.x' 
Closes gh-18485
 2026-01-12 13:44:13 -06:00
Pavel Vassiliev 641d8a362b Fix Gradle 9.0 deprecations 
This commit addresses several build warnings and errors to prepare for
Gradle 9.0 and resolve static analysis issues.
Closes: gh-18472
Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>

Signed-off-by: Pavel Vassiliev <paulvas@gmail.com>
 2026-01-12 13:43:16 -06:00
Robert Winch ec06f08bb6 Merge branch '7.0.x' 2026-01-12 13:38:52 -06:00
Andrey Litvitski 13f6286e04 Use DefaultParameterNameDiscoverer#getSharedInstance 
Closes: gh-18330

Signed-off-by: Andrey Litvitski <andrey1010102008@gmail.com>
 2026-01-12 13:37:32 -06:00