Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
20,260 Commits 54 Branches 379 Tags
c08329c0c52e322e1145457af37af7a393594a18
Commit Graph

20260 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Winch b427587d27 Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 2026-02-06 12:14:12 -06:00
Robert Winch 832635c9e8 Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.28 2026-02-06 12:14:09 -06:00
Robert Winch e45258a8bc Merge branch '6.5.x' into 7.0.x 2026-02-06 12:13:35 -06:00
dependabot[bot] fa7c6ea583 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:57 -06:00
dependabot[bot] 3841e0f6b3 Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 
Bumps [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/jakartaee/jaxb-api/releases)
- [Commits](https://github.com/jakartaee/jaxb-api/compare/4.0.4...4.0.5)

---
updated-dependencies:
- dependency-name: jakarta.xml.bind:jakarta.xml.bind-api
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:56 -06:00
Robert Winch 50fad46df6 Bump @antora/atlas-extension in /docs 
---
updated-dependencies:
- dependency-name: "@antora/atlas-extension"
  dependency-version: 1.0.0-alpha.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:12:48 -06:00
dependabot[bot] e28eea208b Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs 
Bumps [@springio/antora-extensions](https://github.com/spring-io/antora-extensions) from 1.14.4 to 1.14.7.
- [Changelog](https://github.com/spring-io/antora-extensions/blob/main/CHANGELOG.adoc)
- [Commits](https://github.com/spring-io/antora-extensions/compare/v1.14.4...v1.14.7)

---
updated-dependencies:
- dependency-name: "@springio/antora-extensions"
  dependency-version: 1.14.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:58 -06:00
dependabot[bot] f646392542 Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs 
---
updated-dependencies:
- dependency-name: "@antora/collector-extension"
  dependency-version: 1.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:57 -06:00
dependabot[bot] ffeda7a1b3 Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.27 to 1.5.28.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.27...v_1.5.28)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 12:11:57 -06:00
dependabot[bot] c85e7a0828 Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.28 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.24 to 1.5.28.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.24...v_1.5.28)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.28
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:54:04 +00:00
dependabot[bot] 14cf90a7b9 Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 
Bumps [io.spring.develocity.conventions](https://github.com/spring-io/develocity-conventions) from 0.0.24 to 0.0.25.
- [Release notes](https://github.com/spring-io/develocity-conventions/releases)
- [Commits](https://github.com/spring-io/develocity-conventions/compare/v0.0.24...v0.0.25)

---
updated-dependencies:
- dependency-name: io.spring.develocity.conventions
  dependency-version: 0.0.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:53:25 +00:00
dependabot[bot] 729e58b9de Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 
Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.6 to 3.27.7.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.6...assertj-build-3.27.7)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:53:06 +00:00
dependabot[bot] 5c678bd78a Bump io.mockk:mockk from 1.14.7 to 1.14.9 
Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.7 to 1.14.9.
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](https://github.com/mockk/mockk/compare/1.14.7...1.14.9)

---
updated-dependencies:
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:52:45 +00:00
dependabot[bot] 52ca16fa4b Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs 
Bumps [antora](https://gitlab.com/antora/antora) from 3.2.0-alpha.8 to 3.2.0-alpha.11.
- [Changelog](https://gitlab.com/antora/antora/blob/main/CHANGELOG.adoc)
- [Commits](https://gitlab.com/antora/antora/compare/v3.2.0-alpha.8...v3.2.0-alpha.11)

---
updated-dependencies:
- dependency-name: antora
  dependency-version: 3.2.0-alpha.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 17:52:25 +00:00
Robert Winch 31993e72ea Update to Spring Framework 7.0.3 2026-02-06 09:24:43 -06:00
Robert Winch 0bd3aa9a02 Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 2026-02-06 09:02:42 -06:00
Robert Winch dc7edcaf95 Bump org.springframework:spring-framework-bom from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT 2026-02-06 09:02:35 -06:00
Robert Winch 310abcf23b Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 2026-02-06 09:02:29 -06:00
Robert Winch 5807da104b Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 2026-02-06 09:02:23 -06:00
Robert Winch 24e5f2f910 Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 2026-02-06 09:02:15 -06:00
dependabot[bot] 4f8fcea4de Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot] 659aedbe96 Bump org.springframework:spring-framework-bom 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/commits)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.4-SNAPSHOT
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot] d589707385 Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot] 4734af6856 Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.3...jackson-bom-3.0.4)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
dependabot[bot] ac09b73725 Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.1 to 2.20.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.20.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-06 09:00:01 -06:00
Vincent Stradiot 075c48c0d8 Fix typo in documentation 
Signed-off-by: Vincent Stradiot <vincentstradiot@hotmail.com>
 2026-02-05 17:22:43 -07:00
Josh Cummings 31090f7a18 Merge branch '6.5.x' into 7.0.x 2026-02-05 16:58:16 -07:00
Josh Cummings 447e76bd06 Update to actions/checkout 6.0.2 2026-02-05 16:57:30 -07:00
dependabot[bot] dfde3295cd Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.20.2 
Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.20.1 to 2.20.2.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.20.1...jackson-bom-2.20.2)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:47:35 +00:00
dependabot[bot] 32b60e0f26 Bump tools.jackson:jackson-bom from 3.0.3 to 3.0.4 
Bumps [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 3.0.3 to 3.0.4.
- [Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-3.0.3...jackson-bom-3.0.4)

---
updated-dependencies:
- dependency-name: tools.jackson:jackson-bom
  dependency-version: 3.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:47:12 +00:00
dependabot[bot] 4b65d1c763 Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 
Bumps [io.projectreactor:reactor-bom](https://github.com/reactor/reactor) from 2025.0.1 to 2025.0.2.
- [Release notes](https://github.com/reactor/reactor/releases)
- [Commits](https://github.com/reactor/reactor/compare/2025.0.1...2025.0.2)

---
updated-dependencies:
- dependency-name: io.projectreactor:reactor-bom
  dependency-version: 2025.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:47:05 +00:00
dependabot[bot] ce5e28e3f1 Bump org.springframework:spring-framework-bom 
Bumps [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) from 7.0.3-SNAPSHOT to 7.0.4-SNAPSHOT.
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](https://github.com/spring-projects/spring-framework/commits)

---
updated-dependencies:
- dependency-name: org.springframework:spring-framework-bom
  dependency-version: 7.0.4-SNAPSHOT
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:46:50 +00:00
dependabot[bot] 355f6ccc64 Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 
Bumps [org.springframework.data:spring-data-bom](https://github.com/spring-projects/spring-data-bom) from 2025.1.1 to 2025.1.2.
- [Release notes](https://github.com/spring-projects/spring-data-bom/releases)
- [Commits](https://github.com/spring-projects/spring-data-bom/compare/2025.1.1...2025.1.2)

---
updated-dependencies:
- dependency-name: org.springframework.data:spring-data-bom
  dependency-version: 2025.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:46:41 +00:00
dependabot[bot] 20663e2849 Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 
Bumps [spring-io/spring-doc-actions](https://github.com/spring-io/spring-doc-actions) from 0.0.20 to 0.0.22.
- [Commits](https://github.com/spring-io/spring-doc-actions/compare/e28269199d1d27975cf7f65e16d6095c555b3cd0...415e2b11a766ba64799fffb5c97a4f7e17f677cf)

---
updated-dependencies:
- dependency-name: spring-io/spring-doc-actions
  dependency-version: 0.0.22
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-05 23:46:14 +00:00
Josh Cummings 41e7af70b5 Merge branch '6.5.x' into 7.0.x 2026-02-05 13:46:21 -07:00
Josh Cummings 46a9514420 Update to setup-gradle 5.0.1 
note that gradle/gradle-build-action is superceded by
setup-gradle.

Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:02 -07:00
Josh Cummings 8432df498e Update upload-artifact to 6.0.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:44:00 -07:00
Josh Cummings 63162eb5f1 Update to setup-java 5.2.0 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:56 -07:00
Josh Cummings 5c3b8c513b Update spring-gradle-build-action to 2.0.5 
Issue gh-18648
 2026-02-05 13:43:11 -07:00
Josh Cummings d276c943fc Update actions/checkout to 6.0.2 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:43:06 -07:00
Josh Cummings 18d9dd77ec Use SHA Hashes for spring-security-release-tools Workflows 
Issue gh-18648

Signed-off-by: Josh Cummings <3627351+jzheaux@users.noreply.github.com>
 2026-02-05 13:42:22 -07:00
Joe Grandja d3c42a7a4f Polish OAuth2ConfigurerUtils 2026-02-05 04:52:02 -05:00
Joe Grandja e61c03f7c3 Fix to allow multiple PasswordEncoder beans 
Closes gh-18645
 2026-02-05 04:51:51 -05:00
Elayne Bloom 2c97b3376b Document Client PKCE settings 
Updated the documentation to reflect recent changes to enable PKCE by default for `authorization_code` flows in the documentation for the client.

Closes gh-18304

Signed-off-by: Elayne Bloom <5840349+bloomsei@users.noreply.github.com>
 2026-02-02 16:30:27 -05:00
Robert Winch 9273f411c1 Merge branch '6.5.x' into 7.0.x 2026-02-02 11:12:53 -06:00
Robert Winch d6e3ec78cd Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 2026-02-02 11:12:18 -06:00
dependabot[bot] 48c1023fd6 Bump org.hibernate.orm:hibernate-core from 6.6.41.Final to 6.6.42.Final 
Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.41.Final to 6.6.42.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.42/changelog.txt)
- [Commits](https://github.com/hibernate/hibernate-orm/compare/6.6.41...6.6.42)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.42.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-02 03:11:29 +00:00
dependabot[bot] 04dbdc8588 Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.5.26 to 1.5.27.
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-02 03:11:13 +00:00
Robert Winch 6ca04d9b77 Merge branch '6.5.x' into 7.0.x 2026-01-27 11:16:43 -06:00
Robert Winch 3960bf950d Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 2026-01-27 10:00:00 -06:00