Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update spring security to v6.2.2 #289

Merged
merged 1 commit into from
Feb 19, 2024
Merged

Update spring security to v6.2.2 #289

merged 1 commit into from
Feb 19, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 16, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
org.springframework.security:spring-security-config (source) 6.2.1 -> 6.2.2 age adoption passing confidence
org.springframework.security:spring-security-web (source) 6.2.1 -> 6.2.2 age adoption passing confidence

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-config)

v6.2.2

Compare Source

⭐ New Features

  • Configuration examples in docs are out of date #​14392

🪲 Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #​14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #​14367
  • OAuth2AuthorizationExchange is not serializable #​14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #​14468
  • Application context fails to load: Couldn't find FilterChainProxy #​14380
  • Back-Channel Logout should use localhost for internal logout request #​14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #​14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #​14348
  • fix typo in anonymous.adoc #​14424
  • fix: typo in Authentication Architecture ProviderManager #​14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #​14377
  • Missing native-image reflection hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken #​14470
  • ReactiveMethodSecurityConfiguration is initialized prematurely when the context contains a BeanPostProcessor #​14350
  • SAML relying party logout filter is always ordered last #​14551
  • Spring Security 6.2 defaults to InMemoryOidcSessionRegistry causing memory leaks in distributed systems with external session storage #​14558
  • Test using @WithMockUser fails with 401 UNAUTHORIZED with 3.2 #​14207
  • Typo: Update authorize-http-requests.adoc #​14563
  • Unexpected Exception Handling in NimbusReactiveJwtDecoder decode Method #​14496
  • X-Xss-Protection header "1; mode=block" differs in Servlet and Reactive #​14346

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.15.3 to 2.15.4 #​14617
  • Bump Gamesight/slack-workflow-status from 1.2.0 to 1.3.0 #​14582
  • Bump Gradle Wrapper from 8.5 to 8.6 #​14547
  • Bump gradle/gradle-build-action from 2 to 3 #​14503
  • Bump io-spring-javaformat from 0.0.40 to 0.0.41 #​14439
  • Bump io.micrometer:micrometer-observation from 1.12.1 to 1.12.2 #​14429
  • Bump io.micrometer:micrometer-observation from 1.12.2 to 1.12.3 #​14589
  • Bump io.mockk:mockk from 1.13.8 to 1.13.9 #​14412
  • Bump io.projectreactor:reactor-bom from 2023.0.1 to 2023.0.2 #​14430
  • Bump io.projectreactor:reactor-bom from 2023.0.2 to 2023.0.3 #​14612
  • Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 #​14463
  • Bump org-aspectj from 1.9.21 to 1.9.21.1 #​14605
  • Bump org-eclipse-jetty from 11.0.18 to 11.0.19 #​14354
  • Bump org-eclipse-jetty from 11.0.19 to 11.0.20 #​14518
  • Bump org.apereo.cas.client:cas-client-core from 4.0.3 to 4.0.4 #​14440
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.21 to 1.9.22 #​14364
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.21 to 1.9.22 #​14363
  • Bump org.junit:junit-bom from 5.10.1 to 5.10.2 #​14543
  • Bump org.slf4j:slf4j-api from 2.0.10 to 2.0.11 #​14422
  • Bump org.slf4j:slf4j-api from 2.0.11 to 2.0.12 #​14554
  • Bump org.slf4j:slf4j-api from 2.0.9 to 2.0.10 #​14387
  • Bump org.springframework.data:spring-data-bom from 2023.1.1 to 2023.1.2 #​14455
  • Bump org.springframework.data:spring-data-bom from 2023.1.2 to 2023.1.3 #​14624
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.1 to 3.2.2 #​14616
  • Bump org.springframework:spring-framework-bom from 6.1.2 to 6.1.3 #​14454
  • Bump org.springframework:spring-framework-bom from 6.1.3 to 6.1.4 #​14615
  • Bump slackapi/slack-github-action from 1.24.0 to 1.25.0 #​14504
  • Bump spring-io/spring-github-workflows from eaf17a1 to 1e8b058 #​14583

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Amitmahato, @​andreasbuechel, @​boulce, and @​dependabot[bot]

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@leleuj leleuj merged commit 58e75aa into master Feb 19, 2024
3 checks passed
@leleuj leleuj deleted the renovate/spring-security branch February 19, 2024 07:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@leleuj