4b65d1c763
Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2
...
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor ) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases )
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2 )
---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
dependency-version: 2025.0.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-05 23:47:05 +00:00
ce5e28e3f1
Bump org.springframework:spring-framework-bom
...
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework ) from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT.
- [Release notes](https://github.com/spring-projects/spring-framework/releases )
- [Commits](https://github.com/spring-projects/spring-framework/commits )
---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
dependency-version: 7.0.4-SNAPSHOT
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-05 23:46:50 +00:00
355f6ccc64
Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2
...
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom ) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases )
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2 )
---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
dependency-version: 2025.1.2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-05 23:46:41 +00:00
20663e2849
Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22
...
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions ) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf )
---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
dependency-version: 0.0.22
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-05 23:46:14 +00:00
41e7af70b5
Merge branch '6.5.x' into 7.0.x
2026-02-05 13:46:21 -07:00
46a9514420
Update to setup-gradle 5.0.1
...
note that gradle/gradle-build-action is superceded by
setup-gradle.
Issue gh-18648
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-05 13:44:02 -07:00
8432df498e
Update upload-artifact to 6.0.0
...
Issue gh-18648
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-05 13:44:00 -07:00
63162eb5f1
Update to setup-java 5.2.0
...
Issue gh-18648
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-05 13:43:56 -07:00
5c3b8c513b
Update spring-gradle-build-action to 2.0.5
...
Issue gh-18648
2026-02-05 13:43:11 -07:00
d276c943fc
Update actions/checkout to 6.0.2
...
Issue gh-18648
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-05 13:43:06 -07:00
18d9dd77ec
Use SHA Hashes for spring-security-release-tools Workflows
...
Issue gh-18648
Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com >
2026-02-05 13:42:22 -07:00
d3c42a7a4f
Polish OAuth2ConfigurerUtils
2026-02-05 04:52:02 -05:00
e61c03f7c3
Fix to allow multiple PasswordEncoder beans
...
Closes gh-18645
2026-02-05 04:51:51 -05:00
2c97b3376b
Document Client PKCE settings
...
Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client.
Closes gh-18304
Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com >
2026-02-02 16:30:27 -05:00
9273f411c1
Merge branch '6.5.x' into 7.0.x
2026-02-02 11:12:53 -06:00
d6e3ec78cd
Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27
2026-02-02 11:12:18 -06:00
48c1023fd6
Bump org.hibernate.orm:hibernate-core from 6.6.41.Final to 6.6.42.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 6.6.41.Final to 6.6.42.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.42/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.41...6.6.42 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 6.6.42.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-02 03:11:29 +00:00
04dbdc8588
Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.26 to 1.5.27.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.27
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-02 03:11:13 +00:00
6ca04d9b77
Merge branch '6.5.x' into 7.0.x
2026-01-27 11:16:43 -06:00
3960bf950d
Bump org.assertj:assertj-core from 3.27.6 to 3.27.7
2026-01-27 10:00:00 -06:00
bc6ac7c8c6
Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26
2026-01-27 09:59:50 -06:00
74b93a19f6
Externalize java-toolchain configuration
...
We should not use subprojects to perform configuration becaause it
does not allow for lazy loading and it can cause ordering problems.
In this case, the toolchain was not being used but instead it was
using the JAVA_HOME.
By splitting the configuration into a plugin and applying it to each
project it fixes the toolchain configuration
2026-01-26 22:06:36 -06:00
6dd6e8ebb1
Merge branch '6.5.x' into 7.0.x
...
Closes gh-18235
2026-01-26 12:06:19 -06:00
edd82ba82c
gh-18234: Create SHA-1 MessageDigest for every new check request
...
Signed-off-by: Garvit Joshi <garvitjoshi9@gmail.com >
2026-01-26 11:06:25 -06:00
cf656ce6e1
Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.25 to 1.5.26.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.25...v_1.5.26 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.26
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-26 03:11:50 +00:00
f75e9c7138
Bump org.assertj:assertj-core from 3.27.6 to 3.27.7
...
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj ) from 3.27.6 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases )
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.6...assertj-build-3.27.7 )
---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
dependency-version: 3.27.7
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-26 03:11:34 +00:00
7cfcfaefae
BearerTokenAuthenticationEntryPoint uses context path
...
Closes gh-18528
Signed-off-by: Daniel Garnier-Moiroux <git@garnier.wf >
2026-01-23 06:27:26 -05:00
f7f5165321
Merge branch '6.5.x' into 7.0.x
2026-01-21 15:33:03 -06:00
27f91e03f9
Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final
2026-01-21 15:32:25 -06:00
b7230c367e
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25
2026-01-21 15:32:20 -06:00
cd72cb1f2e
Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25
2026-01-21 15:32:16 -06:00
a865671526
Merge branch '6.4.x' into 6.5.x
2026-01-21 15:31:53 -06:00
4f52b71be8
Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final
2026-01-21 15:31:04 -06:00
398430f672
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25
2026-01-21 15:30:50 -06:00
03b3b852f5
Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25
...
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions ) from 0.0.24 to 0.0.25.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases )
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.24...v0.0.25 )
---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
dependency-version: 0.0.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-21 03:08:52 +00:00
e54bb9f3f5
Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25
...
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions ) from 0.0.24 to 0.0.25.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases )
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.24...v0.0.25 )
---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
dependency-version: 0.0.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-21 03:06:52 +00:00
30be114a5e
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.24 to 1.5.25.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.24...v_1.5.25 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 03:22:36 +00:00
75121bf455
Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 6.6.40.Final to 6.6.41.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.41/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.40...6.6.41 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 6.6.41.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 03:22:23 +00:00
aa21e62fb8
Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25
...
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback ) from 1.5.24 to 1.5.25.
- [Release notes](https://github.com/qos-ch/logback/releases )
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.24...v_1.5.25 )
---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
dependency-version: 1.5.25
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 03:21:35 +00:00
b58187082a
Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final
...
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm ) from 6.6.40.Final to 6.6.41.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases )
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.41/changelog.txt )
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.40...6.6.41 )
---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
dependency-version: 6.6.41.Final
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 03:21:26 +00:00
bd3441caac
Merge branch '6.5.x' into 7.0.x
2026-01-16 15:18:39 -06:00
8879aa83a3
Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14
2026-01-16 15:17:34 -06:00
1f39a3dd3e
Merge branch '6.5.x' into 7.0.x
2026-01-15 12:41:22 -07:00
84b124d29d
Merge branch '6.4.x' into 6.5.x
2026-01-15 12:41:16 -07:00
fee6a9bb0e
docs: add CurrentSecurityContext section and link references
...
Signed-off-by: songhee <songhee9327@gmail.com >
2026-01-15 12:31:58 -07:00
d2ed8321b4
Merge branch '6.5.x' into 7.0.x
2026-01-14 14:46:36 -07:00
dd1f097131
Add @FunctionalInterface to RequestMatcher
...
Add `@FunctionalInterface` to `RequestMatcher`.
According to the documentation, it is a FunctionalInterface.
See: https://docs.spring.io/spring-security/reference/6.5/servlet/authorization/authorize-http-requests.html#match-by-custom
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com >
2026-01-14 14:45:22 -07:00
7690c284c0
Merge branch '6.5.x' into 7.0.x
2026-01-14 14:35:59 -07:00
508b3f26e3
docs: Typo in page Preparing for 7.0 / Web (version 6.5)
...
In section 'Include the Servlet Path Prefix in Authorization Rules', `PathPatternRequestParser` should be replaced by `PathPatternRequestMatcher`.
Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com >
2026-01-14 14:35:26 -07:00
f2e674ff77
Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14
...
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor ) from 2024.0.13 to 2024.0.14.
- [Release notes](https://github.com/reactor/reactor/releases )
- [Commits](https://github.com/reactor/reactor/compare/2024.0.13...2024.0.14 )
---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
dependency-version: 2024.0.14
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-14 03:08:22 +00:00
dependabot[bot]