Update dependency org.springframework.security:spring-security-crypto to v6.3.2 #15

Renovate Bot (Automatisiert) · 2024-08-20T02:02:33+02:00

2024-08-20 02:02:33 +02:00

This PR contains the following updates:

Package	Type	Update	Change
org.springframework.security:spring-security-crypto (source)	compile	patch	`6.3.1` -> `6.3.2`

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-crypto)

`v6.3.2`

Compare Source

⭐ New Features

ActiveDirectoryLdapAuthenticationProvider does not implement support for multiple urls #15495
Document the role of CredentialsContainer #15321
OIDC Backchannel Logout should allow logout tokens having typ header of logout+jwt #15410

🪲 Bug Fixes

A broken link in Spring Security reference #15297
Documentation for ServletBearerExchangeFilterFunction incomplete or incorrect #15460
EnableMethodSecurity should publish only one bean of each AuthorizationAdvisor #15592
Fix Compromised Password Checker Docs Sample Not Working #15305
Fix for #15172 introduces significant performance degredation #15324
Pre/PostAuthorize should not ignore HandleAuthorizationDenied#handlerClass when ApplicationContext is not provided #15535
Update prerequisites documentation with Java 17 #15340
Use Correct Meta-Annotation in Kotlin Sample #15472
Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' #15440

🔨 Dependency Upgrades

Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 #15619
Bump com.fasterxml.jackson:jackson-bom from 2.17.1 to 2.17.2 #15374
Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 #15373
Bump io.micrometer:micrometer-observation from 1.12.7 to 1.12.8 #15383
Bump io.micrometer:micrometer-observation from 1.12.8 to 1.12.9 #15581
Bump io.mockk:mockk from 1.13.11 to 1.13.12 #15430
Bump io.projectreactor:reactor-bom from 2023.0.7 to 2023.0.8 #15388
Bump io.projectreactor:reactor-bom from 2023.0.8 to 2023.0.9 #15597
Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 #15582
Bump org-apache-maven-resolver from 1.9.20 to 1.9.21 #15372
Bump org-apache-maven-resolver from 1.9.21 to 1.9.22 #15545
Bump org-eclipse-jetty from 11.0.21 to 11.0.22 #15356
Bump org.apache.maven:maven-resolver-provider from 3.9.7 to 3.9.8 #15268
Bump org.apache.maven:maven-resolver-provider from 3.9.8 to 3.9.9 #15642
Bump org.gretty:gretty from 4.1.4 to 4.1.5 #15431
Bump org.hibernate.orm:hibernate-core from 6.4.9.Final to 6.4.10.Final #15530
Bump org.jetbrains.kotlin:kotlin-bom from 1.9.24 to 1.9.25 #15456
Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.24 to 1.9.25 #15455
Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.19 to 4.33.20 #15267
Bump org.junit:junit-bom from 5.10.2 to 5.10.3 #15315
Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 #15336
Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.14 #15529
Bump org.slf4j:slf4j-api from 2.0.14 to 2.0.15 #15546
Bump org.slf4j:slf4j-api from 2.0.15 to 2.0.16 #15571
Bump org.springframework.data:spring-data-bom from 2024.0.1 to 2024.0.2 #15421
Bump org.springframework.data:spring-data-bom from 2024.0.2 to 2024.0.3 #15643
Bump org.springframework.ldap:spring-ldap-core from 3.2.4 to 3.2.6 #15620
Bump org.springframework:spring-framework-bom from 6.1.10 to 6.1.11 #15402
Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 #15613
Bump org.springframework:spring-framework-bom from 6.1.9 to 6.1.10 #15279

🔩 Build Updates

Automate check of expected branch version #15310
Bump @antora/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs #15449
Bump @antora/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs #15482
Bump @antora/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs #15560
Bump @antora/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs #15637
Bump @springio/antora-extensions from 1.11.1 to 1.12.0 in /docs #15418
Bump @springio/antora-extensions from 1.12.0 to 1.13.0 in /docs #15517
Bump @springio/antora-extensions from 1.13.0 to 1.13.1 in /docs #15561
Bump @springio/antora-extensions from 1.13.1 to 1.14.2 in /docs #15636
Bump @springio/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs #15419
Bump @springio/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs #15515
Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs #15329
Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs #15480
Bump com.gradle.develocity from 3.17.5 to 3.17.6 #15464
Bump io-spring-javaformat from 0.0.42 to 0.0.43 #15650
Fix typos and formatting in documentation #15380
Migrate slack notifications to GChat #15505
Use explicit types instead of var #15537

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Kehrlann, @dependabot[bot], and @tahakorkem

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [org.springframework.security:spring-security-crypto](https://spring.io/projects/spring-security) ([source](https://github.com/spring-projects/spring-security)) | compile | patch | `6.3.1` -> `6.3.2` | --- ### Release Notes <details> <summary>spring-projects/spring-security (org.springframework.security:spring-security-crypto)</summary> ### [`v6.3.2`](https://github.com/spring-projects/spring-security/releases/tag/6.3.2) [Compare Source](https://github.com/spring-projects/spring-security/compare/6.3.1...6.3.2) #### :star: New Features - ActiveDirectoryLdapAuthenticationProvider does not implement support for multiple urls [#15495](https://github.com/spring-projects/spring-security/issues/15495) - Document the role of `CredentialsContainer` [#15321](https://github.com/spring-projects/spring-security/issues/15321) - OIDC Backchannel Logout should allow logout tokens having `typ` header of `logout+jwt` [#15410](https://github.com/spring-projects/spring-security/issues/15410) #### :beetle: Bug Fixes - A broken link in Spring Security reference [#15297](https://github.com/spring-projects/spring-security/issues/15297) - Documentation for ServletBearerExchangeFilterFunction incomplete or incorrect [#15460](https://github.com/spring-projects/spring-security/issues/15460) - EnableMethodSecurity should publish only one bean of each AuthorizationAdvisor [#15592](https://github.com/spring-projects/spring-security/issues/15592) - Fix Compromised Password Checker Docs Sample Not Working [#15305](https://github.com/spring-projects/spring-security/issues/15305) - Fix for [#15172](https://github.com/spring-projects/spring-security/issues/15172) introduces significant performance degredation [#15324](https://github.com/spring-projects/spring-security/issues/15324) - Pre/PostAuthorize should not ignore HandleAuthorizationDenied#handlerClass when ApplicationContext is not provided [#15535](https://github.com/spring-projects/spring-security/issues/15535) - Update prerequisites documentation with Java 17 [#15340](https://github.com/spring-projects/spring-security/issues/15340) - Use Correct Meta-Annotation in Kotlin Sample [#15472](https://github.com/spring-projects/spring-security/pull/15472) - Using sec:authorize in JSPX causes 'java.lang.NullPointerException: Cannot invoke "jakarta.servlet.ServletRegistration.getClassName()" because "registration" is null' [#15440](https://github.com/spring-projects/spring-security/issues/15440) #### :hammer: Dependency Upgrades - Bump ch.qos.logback:logback-classic from 1.5.6 to 1.5.7 [#15619](https://github.com/spring-projects/spring-security/pull/15619) - Bump com.fasterxml.jackson:jackson-bom from 2.17.1 to 2.17.2 [#15374](https://github.com/spring-projects/spring-security/pull/15374) - Bump com.github.spullara.mustache.java:compiler from 0.9.13 to 0.9.14 [#15373](https://github.com/spring-projects/spring-security/pull/15373) - Bump io.micrometer:micrometer-observation from 1.12.7 to 1.12.8 [#15383](https://github.com/spring-projects/spring-security/pull/15383) - Bump io.micrometer:micrometer-observation from 1.12.8 to 1.12.9 [#15581](https://github.com/spring-projects/spring-security/pull/15581) - Bump io.mockk:mockk from 1.13.11 to 1.13.12 [#15430](https://github.com/spring-projects/spring-security/pull/15430) - Bump io.projectreactor:reactor-bom from 2023.0.7 to 2023.0.8 [#15388](https://github.com/spring-projects/spring-security/pull/15388) - Bump io.projectreactor:reactor-bom from 2023.0.8 to 2023.0.9 [#15597](https://github.com/spring-projects/spring-security/pull/15597) - Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 [#15582](https://github.com/spring-projects/spring-security/pull/15582) - Bump org-apache-maven-resolver from 1.9.20 to 1.9.21 [#15372](https://github.com/spring-projects/spring-security/pull/15372) - Bump org-apache-maven-resolver from 1.9.21 to 1.9.22 [#15545](https://github.com/spring-projects/spring-security/pull/15545) - Bump org-eclipse-jetty from 11.0.21 to 11.0.22 [#15356](https://github.com/spring-projects/spring-security/pull/15356) - Bump org.apache.maven:maven-resolver-provider from 3.9.7 to 3.9.8 [#15268](https://github.com/spring-projects/spring-security/pull/15268) - Bump org.apache.maven:maven-resolver-provider from 3.9.8 to 3.9.9 [#15642](https://github.com/spring-projects/spring-security/pull/15642) - Bump org.gretty:gretty from 4.1.4 to 4.1.5 [#15431](https://github.com/spring-projects/spring-security/pull/15431) - Bump org.hibernate.orm:hibernate-core from 6.4.9.Final to 6.4.10.Final [#15530](https://github.com/spring-projects/spring-security/pull/15530) - Bump org.jetbrains.kotlin:kotlin-bom from 1.9.24 to 1.9.25 [#15456](https://github.com/spring-projects/spring-security/pull/15456) - Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.24 to 1.9.25 [#15455](https://github.com/spring-projects/spring-security/pull/15455) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.19 to 4.33.20 [#15267](https://github.com/spring-projects/spring-security/pull/15267) - Bump org.junit:junit-bom from 5.10.2 to 5.10.3 [#15315](https://github.com/spring-projects/spring-security/pull/15315) - Bump org.skyscreamer:jsonassert from 1.5.1 to 1.5.3 [#15336](https://github.com/spring-projects/spring-security/pull/15336) - Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.14 [#15529](https://github.com/spring-projects/spring-security/pull/15529) - Bump org.slf4j:slf4j-api from 2.0.14 to 2.0.15 [#15546](https://github.com/spring-projects/spring-security/pull/15546) - Bump org.slf4j:slf4j-api from 2.0.15 to 2.0.16 [#15571](https://github.com/spring-projects/spring-security/pull/15571) - Bump org.springframework.data:spring-data-bom from 2024.0.1 to 2024.0.2 [#15421](https://github.com/spring-projects/spring-security/pull/15421) - Bump org.springframework.data:spring-data-bom from 2024.0.2 to 2024.0.3 [#15643](https://github.com/spring-projects/spring-security/pull/15643) - Bump org.springframework.ldap:spring-ldap-core from 3.2.4 to 3.2.6 [#15620](https://github.com/spring-projects/spring-security/pull/15620) - Bump org.springframework:spring-framework-bom from 6.1.10 to 6.1.11 [#15402](https://github.com/spring-projects/spring-security/pull/15402) - Bump org.springframework:spring-framework-bom from 6.1.11 to 6.1.12 [#15613](https://github.com/spring-projects/spring-security/pull/15613) - Bump org.springframework:spring-framework-bom from 6.1.9 to 6.1.10 [#15279](https://github.com/spring-projects/spring-security/pull/15279) #### :nut_and_bolt: Build Updates - Automate check of expected branch version [#15310](https://github.com/spring-projects/spring-security/issues/15310) - Bump `@antora`/collector-extension from 1.0.0-alpha.4 to 1.0.0-alpha.6 in /docs [#15449](https://github.com/spring-projects/spring-security/pull/15449) - Bump `@antora`/collector-extension from 1.0.0-alpha.6 to 1.0.0-alpha.7 in /docs [#15482](https://github.com/spring-projects/spring-security/pull/15482) - Bump `@antora`/collector-extension from 1.0.0-alpha.7 to 1.0.0-beta.1 in /docs [#15560](https://github.com/spring-projects/spring-security/pull/15560) - Bump `@antora`/collector-extension from 1.0.0-beta.1 to 1.0.0-beta.2 in /docs [#15637](https://github.com/spring-projects/spring-security/pull/15637) - Bump `@springio`/antora-extensions from 1.11.1 to 1.12.0 in /docs [#15418](https://github.com/spring-projects/spring-security/pull/15418) - Bump `@springio`/antora-extensions from 1.12.0 to 1.13.0 in /docs [#15517](https://github.com/spring-projects/spring-security/pull/15517) - Bump `@springio`/antora-extensions from 1.13.0 to 1.13.1 in /docs [#15561](https://github.com/spring-projects/spring-security/pull/15561) - Bump `@springio`/antora-extensions from 1.13.1 to 1.14.2 in /docs [#15636](https://github.com/spring-projects/spring-security/pull/15636) - Bump `@springio`/asciidoctor-extensions from 1.0.0-alpha.10 to 1.0.0-alpha.11 in /docs [#15419](https://github.com/spring-projects/spring-security/pull/15419) - Bump `@springio`/asciidoctor-extensions from 1.0.0-alpha.11 to 1.0.0-alpha.12 in /docs [#15515](https://github.com/spring-projects/spring-security/pull/15515) - Bump antora from 3.2.0-alpha.4 to 3.2.0-alpha.5 in /docs [#15329](https://github.com/spring-projects/spring-security/pull/15329) - Bump antora from 3.2.0-alpha.5 to 3.2.0-alpha.6 in /docs [#15480](https://github.com/spring-projects/spring-security/pull/15480) - Bump com.gradle.develocity from 3.17.5 to 3.17.6 [#15464](https://github.com/spring-projects/spring-security/pull/15464) - Bump io-spring-javaformat from 0.0.42 to 0.0.43 [#15650](https://github.com/spring-projects/spring-security/pull/15650) - Fix typos and formatting in documentation [#15380](https://github.com/spring-projects/spring-security/issues/15380) - Migrate slack notifications to GChat [#15505](https://github.com/spring-projects/spring-security/issues/15505) - Use explicit types instead of var [#15537](https://github.com/spring-projects/spring-security/pull/15537) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@Kehrlann](https://github.com/Kehrlann), [@dependabot](https://github.com/dependabot)\[bot], and [@tahakorkem](https://github.com/tahakorkem) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Renovate Bot (Automatisiert) added 1 commit 2024-08-20 02:02:34 +02:00

Update dependency org.springframework.security:spring-security-crypto to v6.3.2

Keycloak mailcow Build / Build und Bereitstellung (pull_request) Successful in 11s

Details

Keycloak mailcow Build / Build und Bereitstellung (push) Successful in 12s

Details

d3d075c13d

Renovate Bot (Automatisiert) scheduled this pull request to auto merge when all checks succeed 2024-08-20 02:02:34 +02:00

Renovate Bot (Automatisiert) merged commit d3d075c13d into main

2024-08-20 02:03:23 +02:00

Sign in to join this conversation.

No reviewers