Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,490 Commits 54 Branches 379 Tags
5.7.6
Commit Graph

11490 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Cummings a92ac82c4b Update jsonassert to 1.5.1 
Closes gh-11696
 2022-08-11 14:20:45 -06:00
Josh Cummings db638c2a77 Update org.jetbrains.kotlinx to 1.6.4 
Closes gh-11695
 2022-08-11 14:20:41 -06:00
Josh Cummings f884527c1b Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11694
 2022-08-11 14:20:38 -06:00
Josh Cummings dbd174418f Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11693
 2022-08-11 14:20:35 -06:00
Josh Cummings 2eeee99d2e Update io.projectreactor to 2020.0.22 
Closes gh-11691
 2022-08-11 14:20:28 -06:00
Josh Cummings e8c56420bf Update mockk to 1.12.5 
Closes gh-11690
 2022-08-11 14:20:24 -06:00
Marcus Da Coregio 627809d2dc Update org.springframework.data to 2021.1.6 
Closes gh-11686
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 4b1d7e9479 Update org.springframework to 5.3.22 
Closes gh-11685
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio d9980a4dfe Update jsonassert to 1.5.1 
Closes gh-11684
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 8eb7e589eb Update hibernate-entitymanager to 5.6.10.Final 
Closes gh-11683
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio 0d7dce9d71 Update org.eclipse.jetty to 9.4.48.v20220622 
Closes gh-11682
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio da09788be9 Update io.projectreactor to 2020.0.22 
Closes gh-11680
 2022-08-10 14:52:51 -03:00
Marcus Da Coregio ead587c597 Consistently handle RequestRejectedException if it is wrapped 
Closes gh-11645
 2022-08-09 08:32:42 -03:00
Marcus Da Coregio 6a2ca52aae Consistently handle RequestRejectedException if it is wrapped 
Closes gh-11645
 2022-08-09 08:32:10 -03:00
Rob Winch 269c711a64 RequestAttributeSecurityContextRepository never null SecurityContext 
Previously loadContext(HttpServletRequest) could return a Supplier that
returned a null SecurityContext

This commit ensures that null is never returned by the Supplier by
returning SecurityContextHolder.createEmptyContext() instead.

Closes gh-11606
 2022-08-08 13:52:56 -05:00
Steve Riesenberg 99f768bab9 Polish HttpSecurity 2022-07-29 17:43:00 -05:00
Steve Riesenberg 984355e637 Remove references to WebSecurityConfigurerAdapter 
* AbstractAuthenticationFilterConfigurer
* DefaultLoginPageConfigurer
* EnableGlobalAuthentication
* FormLoginConfigurer
* HeadersConfigurer
* HttpSecurity
* OpenIDLoginConfigurer
* RememberMeConfigurer
* WebSecurity
* WebSecurityConfiguration
* WebSecurityConfigurer
* X509Configurer

Closes gh-11288
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 09173c95d6 Remove references to WebSecurityConfigurerAdapter in EnableWebSecurity 
Closes gh-11277
 2022-07-29 17:43:00 -05:00
Steve Riesenberg 02459919cc Skip workflows on forks of spring-security 2022-07-28 15:13:56 -05:00
Steve Riesenberg 57d212ddca Use cache and user.name system property on Windows 2022-07-28 15:13:55 -05:00
Steve Riesenberg 539b17f6da Only run prerequisites job if on upstream repo 2022-07-28 15:13:54 -05:00
Steve Riesenberg 37e1ad27fe Simplify dependency graph 2022-07-28 15:13:53 -05:00
Steve Riesenberg 043fdd6f03 Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:13:52 -05:00
Steve Riesenberg 3234e05085 Polish gh-11367 2022-07-28 15:13:51 -05:00
naveen f957e3c051 Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:13:51 -05:00
Steve Riesenberg 24033be046 Skip workflows on forks of spring-security 2022-07-28 15:11:09 -05:00
Steve Riesenberg 47a5665767 Use cache and user.name system property on Windows 2022-07-28 15:11:08 -05:00
Steve Riesenberg aad60cc6af Only run prerequisites job if on upstream repo 2022-07-28 15:11:07 -05:00
Steve Riesenberg 13e94935ae Simplify dependency graph 2022-07-28 15:11:06 -05:00
Steve Riesenberg 6c29007fac Use Spring Gradle Build Action 
Closes gh-11630
 2022-07-28 15:11:05 -05:00
Steve Riesenberg 6ad567f0fa Polish gh-11367 2022-07-28 15:11:05 -05:00
naveen 8c634f8a9d Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this
way, even if the attackers will succeed in compromising your workflow,
they won’t be able to do much.

- Included permissions for the action.

https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
https://securitylab.github.com/research/github-actions-preventing-pwn-requests/

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Closes gh-11367
 2022-07-28 15:11:04 -05:00
Marcus Da Coregio a996dfc55b Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:38:50 -03:00
Marcus Da Coregio d66ad22652 Add Deprecated annotation to WebSecurity#securityInterceptor 
Closes gh-11634
 2022-07-27 14:32:44 -03:00
Rob Winch 7a860e1568 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:26:31 -05:00
Rob Winch ad9e737bf2 Fix Snapshot Sources/Javadoc 
This commit merges a workaround to an issue in JFrog's Gradle plugin
which causes SNAPSHOT javadoc and sources to become out of sync and thus
prevents users from being able to download either.

Closes gh-10602
 2022-07-26 16:25:52 -05:00
Desmond Silveira 0d3c3c676d "Well-Know" should be "Well-Known" 2022-07-26 15:45:27 -05:00
Desmond Silveira 06aa3362dd "Well-Know" should be "Well-Known" 2022-07-26 15:44:41 -05:00
Yuriy Savchenko 0f64d4c091 Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 14:04:16 -03:00
Yuriy Savchenko 7c7751635d Add Kotlin example for WebTestClient setup docs 
Closes gh-9998
 2022-07-22 13:56:41 -03:00
Josh Cummings 56a6133b20 Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:43:25 -06:00
Josh Cummings bced37f6a7 Merge Same-named Attribute Elements 
Closes gh-11042
 2022-07-20 18:41:55 -06:00
Steve Riesenberg aaf20e7b61 Build only on branches 
Issue gh-11480
 2022-07-18 11:47:25 -05:00
Steve Riesenberg fbc5839890 Build only on branches 
Issue gh-11480
 2022-07-18 11:46:47 -05:00
Steve Riesenberg 148756076c Backport release automation and github actions 
Closes gh-11501
 2022-07-13 15:51:25 -05:00
Steve Riesenberg 6f321a27c4 Fix inconsistency in hasProperty check 2022-07-13 15:51:25 -05:00
Steve Riesenberg 539443b4be Add GitHubReleasePlugin with createGitHubRelease task 
Issue gh-10456
Issue gh-10457
 2022-07-13 15:51:24 -05:00
Steve Riesenberg d76c321f8c Backport release automation and github actions 
Closes gh-11500
 2022-07-13 15:17:03 -05:00
Josh Cummings b0b4612609 Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:52:20 -06:00
Josh Cummings 28424f8ae5 Correct input validation for 31 rounds 
Closes gh-11470
 2022-07-11 14:51:51 -06:00