Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update spring security to v6.2.0 #2106

Merged
merged 1 commit into from
Nov 22, 2023
Merged

Update spring security to v6.2.0 #2106

merged 1 commit into from
Nov 22, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 20, 2023

Mend Renovate logo banner

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.springframework.security:spring-security-web (source) 6.1.5 -> 6.2.0 age adoption passing confidence
org.springframework.security:spring-security-core (source) 6.1.5 -> 6.2.0 age adoption passing confidence
org.springframework.security:spring-security-config (source) 6.1.5 -> 6.2.0 age adoption passing confidence

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-web)

v6.2.0

Compare Source

⭐ New Features

  • AuthorizationManager[Before/After]ReactiveMethodInterceptor doesn't support Kotlin coroutines #​12080
  • Simplify configuration of OAuth2 Client component model #​11783

🪲 Bug Fixes

  • On Cancel, ObservationWebFilterDecorator Starts After-Filter Span without Stopping It #​14064
  • Authentication not propagated correctly after migrating to SB3 #​14112
  • Authorization does not show up on Features section #​14105
  • Fix obsolete comment and typos #​14060
  • Fix typo in documentation #​14130
  • improve render in headers.adoc #​14102
  • ReactiveRemoteJWKSource caches invalid response status into jwkSetURL #​14042
  • References to WebFlux docs do not link to them #​14108
  • relay_state should not be included in signing calculation when it is null #​14039
  • samesite set by Tomcat CookieProcessor ignored when creating XSRF-TOKEN cookie in CsrfTokenRepository #​14138
  • Security configuration is failed to be initialized in a Servlet 6.0 container #​14166
  • Spring Security documentation confuses "idempotent" with "read-only" in CSRF section #​14115
  • Spring Security metric names should not contain dashes #​14067
  • spring.security counters inaccurate due onComplete and cancel() #​14147
  • The latest "OAuth2AuthorizedClientManager" class is not AOT ready #​14094
  • UnboundIdContainer should be marked as not running at shutdown #​14095

🔨 Dependency Upgrades

  • Bump io-spring-javaformat from 0.0.39 to 0.0.40 #​14156
  • Bump io.micrometer:micrometer-observation from 1.12.0-RC1 to 1.12.0 #​14135
  • Bump io.projectreactor:reactor-bom from 2023.0.0-RC1 to 2023.0.0 #​14145
  • Bump org.junit:junit-bom from 5.10.0 to 5.10.1 #​14097
  • Bump org.springframework.data:spring-data-bom from 2023.1.0-RC1 to 2023.1.0 #​14172
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.0-RC1 to 3.2.0 #​14155
  • Bump org.springframework:spring-framework-bom from 6.1.0-RC1 to 6.1.0-RC2 #​14055
  • Bump org.springframework:spring-framework-bom from 6.1.0-RC2 to 6.1.0 #​14157

❤️ Contributors

We'd like to thank all the contributors who worked on this release!


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@hazendaz hazendaz self-assigned this Nov 22, 2023
@hazendaz hazendaz merged commit a888e18 into master Nov 22, 2023
14 checks passed
@renovate renovate bot deleted the renovate/spring-security branch November 22, 2023 03:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant