gcg/keycloak-mailcow
gcg/keycloak-mailcow
0
0
Fork 0
Code Issues Pull Requests Actions Releases 3 Activity

Update dependency org.springframework.security:spring-security-crypto to v6.3.0 #7

Merged
Denys Konovalov merged 1 commits from renovate/version.springsec into main 2024-06-15 15:51:59 +02:00
Conversation 0 Commits 1 Files Changed 1 +1 -1
Renovate Bot (Automatisiert) commented 2024-06-15 15:35:50 +02:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
org.springframework.security:spring-security-crypto (source) compile minor 6.2.3 -> 6.3.0

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-crypto)

v6.3.0

Compare Source

New Features

  • Add getters to OAuth2AuthorizedClientId #​13648
  • Add timeout defaults to JwtDecoders #​14890
  • doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #​15065
  • Improve logging for Global Authentication #​14711
  • Minor docs fix #​15043
  • Minor Documentation update on import needed for using Kotlin DSL #​14969
  • OAuth2 Client Authentication docs are incomplete #​14982
  • Proofread CasAuthenticationFilter documentation #​14883
  • Replace "Spring Boot 2.x" with "Spring Boot" #​14919
  • Simplify Disabling application/x-www-form-urlencoded Encoding Client ID and Secret #​14859
  • Support Specifying Identifier for relying-party-registrations Element #​14487
  • Update What's New in 6.3 #​14918

🪲 Bug Fixes

  • Do Not Invalidate Current Session When Its Registered #​15066
  • Fix MethodAuthorizationDeniedPostProcessor does not exist in java doc #​14955
  • fix docs error in AuthenticatedReactiveAuthorizationManager #​14979
  • OIDC Logout section is not shown in the navbar #​15113
  • Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #​14996

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.5 to 1.5.6 #​14926
  • Bump com.fasterxml.jackson:jackson-bom from 2.17.0 to 2.17.1 #​15010
  • Bump com.gradle.develocity from 3.17.2 to 3.17.3 #​15051
  • Bump com.gradle.develocity from 3.17.3 to 3.17.4 #​15104
  • Bump io.micrometer:micrometer-observation from 1.12.5 to 1.12.6 #​15068
  • Bump io.mockk:mockk from 1.13.10 to 1.13.11 #​15086
  • Bump io.projectreactor:reactor-bom from 2023.0.5 to 2023.0.6 #​15076
  • Bump org-apache-maven-resolver from 1.9.18 to 1.9.19 #​14940
  • Bump org-apache-maven-resolver from 1.9.19 to 1.9.20 #​14987
  • Bump org-aspectj from 1.9.22 to 1.9.22.1 #​15052
  • Bump org-bouncycastle from 1.78 to 1.78.1 #​14929
  • Bump org-eclipse-jetty from 11.0.20 to 11.0.21 #​15087
  • Bump org.hibernate.orm:hibernate-core from 6.4.4.Final to 6.4.5.Final #​14948
  • Bump org.hibernate.orm:hibernate-core from 6.4.5.Final to 6.4.6.Final #​14952
  • Bump org.hibernate.orm:hibernate-core from 6.4.6.Final to 6.4.7.Final #​14962
  • Bump org.hibernate.orm:hibernate-core from 6.4.7.Final to 6.4.8.Final #​14980
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.23 to 1.9.24 #​15025
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.23 to 1.9.24 #​15026
  • Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.8.0 to 1.8.1 #​15053
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.13 to 4.33.15 #​14945
  • Bump org.springframework.data:spring-data-bom from 2024.0.0-RC1 to 2024.0.0 #​15103
  • Bump org.springframework:spring-framework-bom from 6.1.6 to 6.1.7 #​15088

🔩 Build Updates

  • Attach Antora Docs to Pull Requests #​15061
  • Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.12 #​14986
  • Bump com.github.spullara.mustache.java:compiler from 0.9.12 to 0.9.13 #​14999
  • Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #​14963
  • Bump io.spring.gradle:spring-security-release-plugin from 1.0.2 to 1.0.3 #​14928
  • Consider Adding a Build Updates section to the release changelog #​15039

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Crain-32, @​Kehrlann, @​MrJovanovic13, @​ch4mpy, @​dependabot[bot], @​joaquinjsb, @​kse-music, @​madorb, @​rishiraj88, and @​vvaadd

v6.2.4

Compare Source

🪲 Bug Fixes

  • SpaCsrfTokenRequestHandler(Kotlin) documented in csrf-integration-javascript-spa causes NullPointerException #​14805
  • Address AuthorizationObservationConvention Package Tangle #​14795
  • bug org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector introspect method error #​14848
  • Transactional annotation breaks AOT for native image #​14865

🔨 Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.12.4 to 1.12.5 #​14867
  • Bump io.projectreactor:reactor-bom from 2023.0.4 to 2023.0.5 #​14873
  • Bump io.spring.ge.conventions from 0.0.15 to 0.0.16 #​14821
  • Bump io.spring.gradle:spring-security-release-plugin from 1.0.1 to 1.0.2 #​14786
  • Bump org-aspectj from 1.9.21.2 to 1.9.22 #​14798
  • Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 #​14907
  • Bump org.springframework.data:spring-data-bom from 2023.1.4 to 2023.1.5 #​14908
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.2 to 3.2.3 #​14896
  • Bump org.springframework:spring-framework-bom from 6.1.5 to 6.1.6 #​14895
  • Update org.opensaml:opensaml-core4 to 4.3.1 #​14850

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dependabot[bot]

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [org.springframework.security:spring-security-crypto](https://spring.io/projects/spring-security) ([source](https://github.com/spring-projects/spring-security)) | compile | minor | `6.2.3` -> `6.3.0` | --- ### Release Notes <details> <summary>spring-projects/spring-security (org.springframework.security:spring-security-crypto)</summary> ### [`v6.3.0`](https://github.com/spring-projects/spring-security/releases/tag/6.3.0) [Compare Source](https://github.com/spring-projects/spring-security/compare/6.2.4...6.3.0) #### :star: New Features - Add getters to `OAuth2AuthorizedClientId` [#&#8203;13648](https://github.com/spring-projects/spring-security/pull/13648) - Add timeout defaults to JwtDecoders [#&#8203;14890](https://github.com/spring-projects/spring-security/pull/14890) - doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean [#&#8203;15065](https://github.com/spring-projects/spring-security/issues/15065) - Improve logging for Global Authentication [#&#8203;14711](https://github.com/spring-projects/spring-security/pull/14711) - Minor docs fix [#&#8203;15043](https://github.com/spring-projects/spring-security/pull/15043) - Minor Documentation update on import needed for using Kotlin DSL [#&#8203;14969](https://github.com/spring-projects/spring-security/pull/14969) - OAuth2 Client Authentication docs are incomplete [#&#8203;14982](https://github.com/spring-projects/spring-security/issues/14982) - Proofread CasAuthenticationFilter documentation [#&#8203;14883](https://github.com/spring-projects/spring-security/pull/14883) - Replace "Spring Boot 2.x" with "Spring Boot" [#&#8203;14919](https://github.com/spring-projects/spring-security/pull/14919) - Simplify Disabling application/x-www-form-urlencoded Encoding Client ID and Secret [#&#8203;14859](https://github.com/spring-projects/spring-security/pull/14859) - Support Specifying Identifier for relying-party-registrations Element [#&#8203;14487](https://github.com/spring-projects/spring-security/issues/14487) - Update What's New in 6.3 [#&#8203;14918](https://github.com/spring-projects/spring-security/issues/14918) #### :beetle: Bug Fixes - Do Not Invalidate Current Session When Its Registered [#&#8203;15066](https://github.com/spring-projects/spring-security/pull/15066) - Fix MethodAuthorizationDeniedPostProcessor does not exist in java doc [#&#8203;14955](https://github.com/spring-projects/spring-security/pull/14955) - fix docs error in AuthenticatedReactiveAuthorizationManager [#&#8203;14979](https://github.com/spring-projects/spring-security/pull/14979) - OIDC Logout section is not shown in the navbar [#&#8203;15113](https://github.com/spring-projects/spring-security/issues/15113) - Wrong information for RequestCacheAwareFilter in the Spring Security documentation. [#&#8203;14996](https://github.com/spring-projects/spring-security/issues/14996) #### :hammer: Dependency Upgrades - Bump ch.qos.logback:logback-classic from 1.5.5 to 1.5.6 [#&#8203;14926](https://github.com/spring-projects/spring-security/pull/14926) - Bump com.fasterxml.jackson:jackson-bom from 2.17.0 to 2.17.1 [#&#8203;15010](https://github.com/spring-projects/spring-security/pull/15010) - Bump com.gradle.develocity from 3.17.2 to 3.17.3 [#&#8203;15051](https://github.com/spring-projects/spring-security/pull/15051) - Bump com.gradle.develocity from 3.17.3 to 3.17.4 [#&#8203;15104](https://github.com/spring-projects/spring-security/pull/15104) - Bump io.micrometer:micrometer-observation from 1.12.5 to 1.12.6 [#&#8203;15068](https://github.com/spring-projects/spring-security/pull/15068) - Bump io.mockk:mockk from 1.13.10 to 1.13.11 [#&#8203;15086](https://github.com/spring-projects/spring-security/pull/15086) - Bump io.projectreactor:reactor-bom from 2023.0.5 to 2023.0.6 [#&#8203;15076](https://github.com/spring-projects/spring-security/pull/15076) - Bump org-apache-maven-resolver from 1.9.18 to 1.9.19 [#&#8203;14940](https://github.com/spring-projects/spring-security/pull/14940) - Bump org-apache-maven-resolver from 1.9.19 to 1.9.20 [#&#8203;14987](https://github.com/spring-projects/spring-security/pull/14987) - Bump org-aspectj from 1.9.22 to 1.9.22.1 [#&#8203;15052](https://github.com/spring-projects/spring-security/pull/15052) - Bump org-bouncycastle from 1.78 to 1.78.1 [#&#8203;14929](https://github.com/spring-projects/spring-security/pull/14929) - Bump org-eclipse-jetty from 11.0.20 to 11.0.21 [#&#8203;15087](https://github.com/spring-projects/spring-security/pull/15087) - Bump org.hibernate.orm:hibernate-core from 6.4.4.Final to 6.4.5.Final [#&#8203;14948](https://github.com/spring-projects/spring-security/pull/14948) - Bump org.hibernate.orm:hibernate-core from 6.4.5.Final to 6.4.6.Final [#&#8203;14952](https://github.com/spring-projects/spring-security/pull/14952) - Bump org.hibernate.orm:hibernate-core from 6.4.6.Final to 6.4.7.Final [#&#8203;14962](https://github.com/spring-projects/spring-security/pull/14962) - Bump org.hibernate.orm:hibernate-core from 6.4.7.Final to 6.4.8.Final [#&#8203;14980](https://github.com/spring-projects/spring-security/pull/14980) - Bump org.jetbrains.kotlin:kotlin-bom from 1.9.23 to 1.9.24 [#&#8203;15025](https://github.com/spring-projects/spring-security/pull/15025) - Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.23 to 1.9.24 [#&#8203;15026](https://github.com/spring-projects/spring-security/pull/15026) - Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.8.0 to 1.8.1 [#&#8203;15053](https://github.com/spring-projects/spring-security/pull/15053) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.13 to 4.33.15 [#&#8203;14945](https://github.com/spring-projects/spring-security/pull/14945) - Bump org.springframework.data:spring-data-bom from 2024.0.0-RC1 to 2024.0.0 [#&#8203;15103](https://github.com/spring-projects/spring-security/pull/15103) - Bump org.springframework:spring-framework-bom from 6.1.6 to 6.1.7 [#&#8203;15088](https://github.com/spring-projects/spring-security/pull/15088) #### :nut_and_bolt: Build Updates - Attach Antora Docs to Pull Requests [#&#8203;15061](https://github.com/spring-projects/spring-security/issues/15061) - Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.12 [#&#8203;14986](https://github.com/spring-projects/spring-security/pull/14986) - Bump com.github.spullara.mustache.java:compiler from 0.9.12 to 0.9.13 [#&#8203;14999](https://github.com/spring-projects/spring-security/pull/14999) - Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 [#&#8203;14963](https://github.com/spring-projects/spring-security/pull/14963) - Bump io.spring.gradle:spring-security-release-plugin from 1.0.2 to 1.0.3 [#&#8203;14928](https://github.com/spring-projects/spring-security/pull/14928) - Consider Adding a Build Updates section to the release changelog [#&#8203;15039](https://github.com/spring-projects/spring-security/issues/15039) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@&#8203;Crain-32](https://github.com/Crain-32), [@&#8203;Kehrlann](https://github.com/Kehrlann), [@&#8203;MrJovanovic13](https://github.com/MrJovanovic13), [@&#8203;ch4mpy](https://github.com/ch4mpy), [@&#8203;dependabot](https://github.com/dependabot)\[bot], [@&#8203;joaquinjsb](https://github.com/joaquinjsb), [@&#8203;kse-music](https://github.com/kse-music), [@&#8203;madorb](https://github.com/madorb), [@&#8203;rishiraj88](https://github.com/rishiraj88), and [@&#8203;vvaadd](https://github.com/vvaadd) ### [`v6.2.4`](https://github.com/spring-projects/spring-security/releases/tag/6.2.4) [Compare Source](https://github.com/spring-projects/spring-security/compare/6.2.3...6.2.4) #### :beetle: Bug Fixes - SpaCsrfTokenRequestHandler(Kotlin) documented in csrf-integration-javascript-spa causes NullPointerException [#&#8203;14805](https://github.com/spring-projects/spring-security/issues/14805) - Address AuthorizationObservationConvention Package Tangle [#&#8203;14795](https://github.com/spring-projects/spring-security/issues/14795) - bug org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector introspect method error [#&#8203;14848](https://github.com/spring-projects/spring-security/issues/14848) - Transactional annotation breaks AOT for native image [#&#8203;14865](https://github.com/spring-projects/spring-security/issues/14865) #### :hammer: Dependency Upgrades - Bump io.micrometer:micrometer-observation from 1.12.4 to 1.12.5 [#&#8203;14867](https://github.com/spring-projects/spring-security/pull/14867) - Bump io.projectreactor:reactor-bom from 2023.0.4 to 2023.0.5 [#&#8203;14873](https://github.com/spring-projects/spring-security/pull/14873) - Bump io.spring.ge.conventions from 0.0.15 to 0.0.16 [#&#8203;14821](https://github.com/spring-projects/spring-security/pull/14821) - Bump io.spring.gradle:spring-security-release-plugin from 1.0.1 to 1.0.2 [#&#8203;14786](https://github.com/spring-projects/spring-security/pull/14786) - Bump org-aspectj from 1.9.21.2 to 1.9.22 [#&#8203;14798](https://github.com/spring-projects/spring-security/pull/14798) - Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 [#&#8203;14907](https://github.com/spring-projects/spring-security/pull/14907) - Bump org.springframework.data:spring-data-bom from 2023.1.4 to 2023.1.5 [#&#8203;14908](https://github.com/spring-projects/spring-security/pull/14908) - Bump org.springframework.ldap:spring-ldap-core from 3.2.2 to 3.2.3 [#&#8203;14896](https://github.com/spring-projects/spring-security/pull/14896) - Bump org.springframework:spring-framework-bom from 6.1.5 to 6.1.6 [#&#8203;14895](https://github.com/spring-projects/spring-security/pull/14895) - Update org.opensaml:opensaml-core4 to 4.3.1 [#&#8203;14850](https://github.com/spring-projects/spring-security/issues/14850) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@&#8203;dependabot](https://github.com/dependabot)\[bot] </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MDguMiIsInVwZGF0ZWRJblZlciI6IjM3LjQwOC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Renovate Bot (Automatisiert) added 1 commit 2024-06-15 15:35:51 +02:00
Renovate Bot (Automatisiert) force-pushed renovate/version.springsec from 02a2549e9e to 97bee7d209 2024-06-15 15:51:24 +02:00 Compare
Denys Konovalov merged commit 54ad89fbdd into main 2024-06-15 15:51:59 +02:00
Denys Konovalov deleted branch renovate/version.springsec 2024-06-15 15:51:59 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
Art
Feature
Dieses Issue behandelt ein neues Feature
Art
Problem
Dieses Issue beschreibt ein bestehendes Problem
Art
Verbesserung
Die beschriebene Veränderung verbessert ein bestehendes Feature.
Automatisiert
Dieses Issue wird von einer Maschine verwaltet.
Bereich
Infrastruktur
Dieses Issue betrifft den internen Infrastruktur-Aufbau
Bereich
Intern
Dieses Issue betrifft eine interne Angelegenheit
Bereich
Öffentlich
Dieses Issue betrifft einen öffentlichen Bereich des Diensts
Priorität
gering
Priorität
hoch
Priorität
zeitnah
Status
Abstellgleis
Dieses Issue kann voraussichtlich nicht in nächster Zeit gelöst werden.
Status
Vorschlag
Die beschriebene Veränderung ist ein Vorschlag und steht zur Diskussion
Status
zu untersuchen
Der Ursprung dieses Problems ist noch unklar.
Zuarbeit
Dieses Issue erfordert externe Zuarbeit
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gcg/keycloak-mailcow#7
No description provided.
Delete Branch "renovate/version.springsec"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?