gcg/keycloak-mailcow
gcg/keycloak-mailcow
0
0
Fork 0
Code Issues Pull Requests Actions Releases 3 Activity

Update dependency org.springframework.security:spring-security-crypto to v6.3.2 #15

Merged
Renovate Bot (Automatisiert) merged 1 commits from renovate/version.springsec into main 2024-08-20 02:03:23 +02:00
Conversation 0 Commits 1 Files Changed 1 +1 -1
Renovate Bot (Automatisiert) commented 2024-08-20 02:02:33 +02:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
org.springframework.security:spring-security-crypto (source) compile patch 6.3.1 -> 6.3.2

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-crypto)

v6.3.2

Compare Source

New Features

  • ActiveDirectoryLdapAuthenticationProvider does not implement support for multiple urls #​15495
  • Document the role of CredentialsContainer #​15321
  • OIDC Backchannel Logout should allow logout tokens having typ header of logout+jwt #​15410

🪲 Bug Fixes

  • A broken link in Spring Security reference #​15297
  • Documentation for ServletBearerExchangeFilterFunction incomplete or incorrect #​15460
  • EnableMethodSecurity should publish only one bean of each AuthorizationAdvisor #​15592
  • Fix Compromised Password Checker Docs Sample Not Working #​15305
  • Fix for #​15172 introduces significant performance degredation #​15324
  • Pre/PostAuthorize should not ignore HandleAuthorizationDenied#handlerClass when ApplicationContext is not provided #​15535
  • Update prerequisites documentation with Java 17 #​15340
  • Use Correct Meta-Annotation in Kotlin Sample #​15472
  • Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' #​15440

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 #​15619
  • Bump com.fasterxml.jackson:jackson-bom from 2.17.1 to 2.17.2 #​15374
  • Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 #​15373
  • Bump io.micrometer:micrometer-observation from 1.12.7 to 1.12.8 #​15383
  • Bump io.micrometer:micrometer-observation from 1.12.8 to 1.12.9 #​15581
  • Bump io.mockk:mockk from 1.13.11 to 1.13.12 #​15430
  • Bump io.projectreactor:reactor-bom from 2023.0.7 to 2023.0.8 #​15388
  • Bump io.projectreactor:reactor-bom from 2023.0.8 to 2023.0.9 #​15597
  • Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 #​15582
  • Bump org-apache-maven-resolver from 1.9.20 to 1.9.21 #​15372
  • Bump org-apache-maven-resolver from 1.9.21 to 1.9.22 #​15545
  • Bump org-eclipse-jetty from 11.0.21 to 11.0.22 #​15356
  • Bump org.apache.maven:maven-resolver-provider from 3.9.7 to 3.9.8 #​15268
  • Bump org.apache.maven:maven-resolver-provider from 3.9.8 to 3.9.9 #​15642
  • Bump org.gretty:gretty from 4.1.4 to 4.1.5 #​15431
  • Bump org.hibernate.orm:hibernate-core from 6.4.9.Final to 6.4.10.Final #​15530
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.24 to 1.9.25 #​15456
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.24 to 1.9.25 #​15455
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.19 to 4.33.20 #​15267
  • Bump org.junit:junit-bom from 5.10.2 to 5.10.3 #​15315
  • Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 #​15336
  • Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.14 #​15529
  • Bump org.slf4j:slf4j-api from 2.0.14 to 2.0.15 #​15546
  • Bump org.slf4j:slf4j-api from 2.0.15 to 2.0.16 #​15571
  • Bump org.springframework.data:spring-data-bom from 2024.0.1 to 2024.0.2 #​15421
  • Bump org.springframework.data:spring-data-bom from 2024.0.2 to 2024.0.3 #​15643
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.4 to 3.2.6 #​15620
  • Bump org.springframework:spring-framework-bom from 6.1.10 to 6.1.11 #​15402
  • Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 #​15613
  • Bump org.springframework:spring-framework-bom from 6.1.9 to 6.1.10 #​15279

🔩 Build Updates

  • Automate check of expected branch version #​15310
  • Bump @antora/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs #​15449
  • Bump @antora/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs #​15482
  • Bump @antora/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs #​15560
  • Bump @antora/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs #​15637
  • Bump @springio/antora-extensions from 1.11.1 to 1.12.0 in /docs #​15418
  • Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs #​15517
  • Bump @springio/antora-extensions from 1.13.0 to 1.13.1 in /docs #​15561
  • Bump @springio/antora-extensions from 1.13.1 to 1.14.2 in /docs #​15636
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs #​15419
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs #​15515
  • Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs #​15329
  • Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs #​15480
  • Bump com.gradle.develocity from 3.17.5 to 3.17.6 #​15464
  • Bump io-spring-javaformat from 0.0.42 to 0.0.43 #​15650
  • Fix typos and formatting in documentation #​15380
  • Migrate slack notifications to GChat #​15505
  • Use explicit types instead of var #​15537

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Kehrlann, @​dependabot[bot], and @​tahakorkem

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [org.springframework.security:spring-security-crypto](https://spring.io/projects/spring-security) ([source](https://github.com/spring-projects/spring-security)) | compile | patch | `6.3.1` -> `6.3.2` | --- ### Release Notes <details> <summary>spring-projects/spring-security (org.springframework.security:spring-security-crypto)</summary> ### [`v6.3.2`](https://github.com/spring-projects/spring-security/releases/tag/6.3.2) [Compare Source](https://github.com/spring-projects/spring-security/compare/6.3.1...6.3.2) #### :star: New Features - ActiveDirectoryLdapAuthenticationProvider does not implement support for multiple urls [#&#8203;15495](https://github.com/spring-projects/spring-security/issues/15495) - Document the role of `CredentialsContainer` [#&#8203;15321](https://github.com/spring-projects/spring-security/issues/15321) - OIDC Backchannel Logout should allow logout tokens having `typ` header of `logout+jwt` [#&#8203;15410](https://github.com/spring-projects/spring-security/issues/15410) #### :beetle: Bug Fixes - A broken link in Spring Security reference [#&#8203;15297](https://github.com/spring-projects/spring-security/issues/15297) - Documentation for ServletBearerExchangeFilterFunction incomplete or incorrect [#&#8203;15460](https://github.com/spring-projects/spring-security/issues/15460) - EnableMethodSecurity should publish only one bean of each AuthorizationAdvisor [#&#8203;15592](https://github.com/spring-projects/spring-security/issues/15592) - Fix Compromised Password Checker Docs Sample Not Working [#&#8203;15305](https://github.com/spring-projects/spring-security/issues/15305) - Fix for [#&#8203;15172](https://github.com/spring-projects/spring-security/issues/15172) introduces significant performance degredation [#&#8203;15324](https://github.com/spring-projects/spring-security/issues/15324) - Pre/PostAuthorize should not ignore HandleAuthorizationDenied#handlerClass when ApplicationContext is not provided [#&#8203;15535](https://github.com/spring-projects/spring-security/issues/15535) - Update prerequisites documentation with Java 17 [#&#8203;15340](https://github.com/spring-projects/spring-security/issues/15340) - Use Correct Meta-Annotation in Kotlin Sample [#&#8203;15472](https://github.com/spring-projects/spring-security/pull/15472) - Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' [#&#8203;15440](https://github.com/spring-projects/spring-security/issues/15440) #### :hammer: Dependency Upgrades - Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 [#&#8203;15619](https://github.com/spring-projects/spring-security/pull/15619) - Bump com.fasterxml.jackson:jackson-bom from 2.17.1 to 2.17.2 [#&#8203;15374](https://github.com/spring-projects/spring-security/pull/15374) - Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 [#&#8203;15373](https://github.com/spring-projects/spring-security/pull/15373) - Bump io.micrometer:micrometer-observation from 1.12.7 to 1.12.8 [#&#8203;15383](https://github.com/spring-projects/spring-security/pull/15383) - Bump io.micrometer:micrometer-observation from 1.12.8 to 1.12.9 [#&#8203;15581](https://github.com/spring-projects/spring-security/pull/15581) - Bump io.mockk:mockk from 1.13.11 to 1.13.12 [#&#8203;15430](https://github.com/spring-projects/spring-security/pull/15430) - Bump io.projectreactor:reactor-bom from 2023.0.7 to 2023.0.8 [#&#8203;15388](https://github.com/spring-projects/spring-security/pull/15388) - Bump io.projectreactor:reactor-bom from 2023.0.8 to 2023.0.9 [#&#8203;15597](https://github.com/spring-projects/spring-security/pull/15597) - Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 [#&#8203;15582](https://github.com/spring-projects/spring-security/pull/15582) - Bump org-apache-maven-resolver from 1.9.20 to 1.9.21 [#&#8203;15372](https://github.com/spring-projects/spring-security/pull/15372) - Bump org-apache-maven-resolver from 1.9.21 to 1.9.22 [#&#8203;15545](https://github.com/spring-projects/spring-security/pull/15545) - Bump org-eclipse-jetty from 11.0.21 to 11.0.22 [#&#8203;15356](https://github.com/spring-projects/spring-security/pull/15356) - Bump org.apache.maven:maven-resolver-provider from 3.9.7 to 3.9.8 [#&#8203;15268](https://github.com/spring-projects/spring-security/pull/15268) - Bump org.apache.maven:maven-resolver-provider from 3.9.8 to 3.9.9 [#&#8203;15642](https://github.com/spring-projects/spring-security/pull/15642) - Bump org.gretty:gretty from 4.1.4 to 4.1.5 [#&#8203;15431](https://github.com/spring-projects/spring-security/pull/15431) - Bump org.hibernate.orm:hibernate-core from 6.4.9.Final to 6.4.10.Final [#&#8203;15530](https://github.com/spring-projects/spring-security/pull/15530) - Bump org.jetbrains.kotlin:kotlin-bom from 1.9.24 to 1.9.25 [#&#8203;15456](https://github.com/spring-projects/spring-security/pull/15456) - Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.24 to 1.9.25 [#&#8203;15455](https://github.com/spring-projects/spring-security/pull/15455) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.19 to 4.33.20 [#&#8203;15267](https://github.com/spring-projects/spring-security/pull/15267) - Bump org.junit:junit-bom from 5.10.2 to 5.10.3 [#&#8203;15315](https://github.com/spring-projects/spring-security/pull/15315) - Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 [#&#8203;15336](https://github.com/spring-projects/spring-security/pull/15336) - Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.14 [#&#8203;15529](https://github.com/spring-projects/spring-security/pull/15529) - Bump org.slf4j:slf4j-api from 2.0.14 to 2.0.15 [#&#8203;15546](https://github.com/spring-projects/spring-security/pull/15546) - Bump org.slf4j:slf4j-api from 2.0.15 to 2.0.16 [#&#8203;15571](https://github.com/spring-projects/spring-security/pull/15571) - Bump org.springframework.data:spring-data-bom from 2024.0.1 to 2024.0.2 [#&#8203;15421](https://github.com/spring-projects/spring-security/pull/15421) - Bump org.springframework.data:spring-data-bom from 2024.0.2 to 2024.0.3 [#&#8203;15643](https://github.com/spring-projects/spring-security/pull/15643) - Bump org.springframework.ldap:spring-ldap-core from 3.2.4 to 3.2.6 [#&#8203;15620](https://github.com/spring-projects/spring-security/pull/15620) - Bump org.springframework:spring-framework-bom from 6.1.10 to 6.1.11 [#&#8203;15402](https://github.com/spring-projects/spring-security/pull/15402) - Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 [#&#8203;15613](https://github.com/spring-projects/spring-security/pull/15613) - Bump org.springframework:spring-framework-bom from 6.1.9 to 6.1.10 [#&#8203;15279](https://github.com/spring-projects/spring-security/pull/15279) #### :nut_and_bolt: Build Updates - Automate check of expected branch version [#&#8203;15310](https://github.com/spring-projects/spring-security/issues/15310) - Bump `@antora`/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs [#&#8203;15449](https://github.com/spring-projects/spring-security/pull/15449) - Bump `@antora`/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs [#&#8203;15482](https://github.com/spring-projects/spring-security/pull/15482) - Bump `@antora`/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs [#&#8203;15560](https://github.com/spring-projects/spring-security/pull/15560) - Bump `@antora`/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs [#&#8203;15637](https://github.com/spring-projects/spring-security/pull/15637) - Bump `@springio`/antora-extensions from 1.11.1 to 1.12.0 in /docs [#&#8203;15418](https://github.com/spring-projects/spring-security/pull/15418) - Bump `@springio`/antora-extensions from 1.12.0 to 1.13.0 in /docs [#&#8203;15517](https://github.com/spring-projects/spring-security/pull/15517) - Bump `@springio`/antora-extensions from 1.13.0 to 1.13.1 in /docs [#&#8203;15561](https://github.com/spring-projects/spring-security/pull/15561) - Bump `@springio`/antora-extensions from 1.13.1 to 1.14.2 in /docs [#&#8203;15636](https://github.com/spring-projects/spring-security/pull/15636) - Bump `@springio`/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs [#&#8203;15419](https://github.com/spring-projects/spring-security/pull/15419) - Bump `@springio`/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs [#&#8203;15515](https://github.com/spring-projects/spring-security/pull/15515) - Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs [#&#8203;15329](https://github.com/spring-projects/spring-security/pull/15329) - Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs [#&#8203;15480](https://github.com/spring-projects/spring-security/pull/15480) - Bump com.gradle.develocity from 3.17.5 to 3.17.6 [#&#8203;15464](https://github.com/spring-projects/spring-security/pull/15464) - Bump io-spring-javaformat from 0.0.42 to 0.0.43 [#&#8203;15650](https://github.com/spring-projects/spring-security/pull/15650) - Fix typos and formatting in documentation [#&#8203;15380](https://github.com/spring-projects/spring-security/issues/15380) - Migrate slack notifications to GChat [#&#8203;15505](https://github.com/spring-projects/spring-security/issues/15505) - Use explicit types instead of var [#&#8203;15537](https://github.com/spring-projects/spring-security/pull/15537) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@&#8203;Kehrlann](https://github.com/Kehrlann), [@&#8203;dependabot](https://github.com/dependabot)\[bot], and [@&#8203;tahakorkem](https://github.com/tahakorkem) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjAuMSIsInVwZGF0ZWRJblZlciI6IjM3LjQyMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
Renovate Bot (Automatisiert) added 1 commit 2024-08-20 02:02:34 +02:00
Update dependency org.springframework.security:spring-security-crypto to v6.3.2
All checks were successful
Keycloak mailcow Build / Build und Bereitstellung (pull_request) Successful in 11s
Details
Keycloak mailcow Build / Build und Bereitstellung (push) Successful in 12s
Details
d3d075c13d
Renovate Bot (Automatisiert) scheduled this pull request to auto merge when all checks succeed 2024-08-20 02:02:34 +02:00
Renovate Bot (Automatisiert) merged commit d3d075c13d into main 2024-08-20 02:03:23 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
Art
Feature
Dieses Issue behandelt ein neues Feature
Art
Problem
Dieses Issue beschreibt ein bestehendes Problem
Art
Verbesserung
Die beschriebene Veränderung verbessert ein bestehendes Feature.
Automatisiert
Dieses Issue wird von einer Maschine verwaltet.
Bereich
Infrastruktur
Dieses Issue betrifft den internen Infrastruktur-Aufbau
Bereich
Intern
Dieses Issue betrifft eine interne Angelegenheit
Bereich
Öffentlich
Dieses Issue betrifft einen öffentlichen Bereich des Diensts
Priorität
gering
Priorität
hoch
Priorität
zeitnah
Status
Abstellgleis
Dieses Issue kann voraussichtlich nicht in nächster Zeit gelöst werden.
Status
Vorschlag
Die beschriebene Veränderung ist ein Vorschlag und steht zur Diskussion
Status
zu untersuchen
Der Ursprung dieses Problems ist noch unklar.
Zuarbeit
Dieses Issue erfordert externe Zuarbeit
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gcg/keycloak-mailcow#15
No description provided.
Delete Branch "renovate/version.springsec"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?