gcg/keycloak-mailcow
gcg/keycloak-mailcow
0
0
Fork 0
Code Issues Pull Requests Actions Releases 3 Activity

Update dependency org.springframework.security:spring-security-crypto to v6.4.2 #30

Merged
Renovate Bot (Automatisiert) merged 1 commits from renovate/version.springsec into main 2024-12-17 01:03:39 +01:00
Conversation 0 Commits 1 Files Changed 1 +1 -1
Renovate Bot (Automatisiert) commented 2024-12-17 01:02:25 +01:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
org.springframework.security:spring-security-crypto (source) compile patch 6.4.1 -> 6.4.2

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-crypto)

v6.4.2

Compare Source

New Features

  • Add 6.4 Sample Serializations for Serializable classes #​16274
  • Add @inheritDoc to sessionIdChanged method #​16216
  • Fix typo in oauth2 resource server documentation #​16053
  • Fixed confusing phrasing in the docs for a better clarity. #​16169
  • Improve AuthorizationManager configuration error messages #​16194
  • Polish #​16148
  • Use Documentation Tags for Maven and Gradle in Getting Started #​16234
  • Add WebDriver WebAuthn test #​15969

🪲 Bug Fixes

  • Add Deprecated ObjectPostProcessor constructor #​16212
  • Add RuntimeHints for webauthn Javascript resource #​16159
  • Always return current ClientRegistration in loadAuthorizedClient #​16139
  • Avoid requesting an unnecessary attestation statement when creating a webauthn credential #​16252
  • CI is not using the correct secret for Develocity #​16263
  • Dark mode rendering issue with images on CSRF and Method Security pages #​16176
  • DefaultSaml2AuthenticatedPrincipal should define a serialVersionUID #​16163
  • Delay initialization of AuthenticationProvider in Global Authentication #​16147
  • Fix Documentation Typos #​16054
  • Correct OAuth2ClientHttpRequestInterceptor Usage Documentation #​16172
  • Fix Typo in 'What's New' Documentation #​16183
  • Fix WebAuthnWebdriverTests #​16279
  • Correct OpenSAML 5.x Documentation #​16195
  • Issue when using @AuthenticationPrincipal on interfaces #​16177
  • Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders #​16261
  • Remove duplicate cache in AuthenticationPrincipalArgumentResolverand CurrentSecurityContextArgumentResolver #​16202
  • Resolve ObjectPostProcessor collisions between RSocket and WebFlux security configuration #​16161
  • Restore @AuthenticationPrincipal/@CurrentSecurityContext Interface Support #​16245
  • Restore Servlet 5 Compatiblity for CookieCsrfTokenRepository #​16220
  • Spelling error in opensaml.adoc #​16146
  • Update document regarding PublicKeyCredentialCreationOptions.attestation value #​16264
  • Verification Options Should Return Saved Transports for Credentials #​16084

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.18.1 to 2.18.2 #​16184
  • Bump com.webauthn4j:webauthn4j-core from 0.28.2.RELEASE to 0.28.3.RELEASE #​16203
  • Bump io.micrometer:micrometer-observation from 1.14.1 to 1.14.2 #​16255
  • Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 #​16256
  • Bump org.gradle.wrapper-upgrade from 0.11.4 to 0.12 #​16209
  • Bump org.gretty:gretty from 4.1.5 to 4.1.6 #​16247
  • Bump org.hibernate.orm:hibernate-core from 6.6.2.Final to 6.6.3.Final #​16145
  • Bump org.htmlunit:htmlunit from 4.6.0 to 4.7.0 #​16205
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.22 to 4.33.23 #​16180
  • Bump org.seleniumhq.selenium:htmlunit3-driver from 4.26.0 to 4.27.0 #​16204
  • Bump org.seleniumhq.selenium:selenium-java from 4.26.0 to 4.27.0 #​16167
  • Bump org.springframework.data:spring-data-bom from 2024.1.0 to 2024.1.1 #​16290
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 #​16270
  • Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 #​16271

🔩 Build Updates

  • Bump @antora/collector-extension from 1.0.0 to 1.0.1 in /docs #​16239
  • Bump antora from 3.2.0-alpha.6 to 3.2.0-alpha.8 in /docs #​16237
  • Bump gradle/gradle-build-action from 2 to 3 #​16278
  • Remove 5.8.x and 6.2.x dependabot configuration #​16268
  • Remove 5.8.x from Auto Merge Forward Dependabot PRs #​15770

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​12OneTwo12, @​Kehrlann, @​MuhammadNFadhil, @​OrangeDog, @​Spikhalskiy, @​dependabot[bot], @​harpreets789, @​kse-music, @​martin-tarjanyi, @​ngocnhan-tran1996, and @​ynojima

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [org.springframework.security:spring-security-crypto](https://spring.io/projects/spring-security) ([source](https://github.com/spring-projects/spring-security)) | compile | patch | `6.4.1` -> `6.4.2` | --- ### Release Notes <details> <summary>spring-projects/spring-security (org.springframework.security:spring-security-crypto)</summary> ### [`v6.4.2`](https://github.com/spring-projects/spring-security/releases/tag/6.4.2) [Compare Source](https://github.com/spring-projects/spring-security/compare/6.4.1...6.4.2) #### :star: New Features - Add 6.4 Sample Serializations for Serializable classes [#&#8203;16274](https://github.com/spring-projects/spring-security/issues/16274) - Add `@inheritDoc` to sessionIdChanged method [#&#8203;16216](https://github.com/spring-projects/spring-security/pull/16216) - Fix typo in oauth2 resource server documentation [#&#8203;16053](https://github.com/spring-projects/spring-security/pull/16053) - Fixed confusing phrasing in the docs for a better clarity. [#&#8203;16169](https://github.com/spring-projects/spring-security/pull/16169) - Improve AuthorizationManager configuration error messages [#&#8203;16194](https://github.com/spring-projects/spring-security/pull/16194) - Polish [#&#8203;16148](https://github.com/spring-projects/spring-security/pull/16148) - Use Documentation Tags for Maven and Gradle in Getting Started [#&#8203;16234](https://github.com/spring-projects/spring-security/pull/16234) - Add WebDriver WebAuthn test [#&#8203;15969](https://github.com/spring-projects/spring-security/pull/15969) #### :beetle: Bug Fixes - Add Deprecated ObjectPostProcessor constructor [#&#8203;16212](https://github.com/spring-projects/spring-security/pull/16212) - Add RuntimeHints for webauthn Javascript resource [#&#8203;16159](https://github.com/spring-projects/spring-security/pull/16159) - Always return current ClientRegistration in `loadAuthorizedClient` [#&#8203;16139](https://github.com/spring-projects/spring-security/issues/16139) - Avoid requesting an unnecessary attestation statement when creating a webauthn credential [#&#8203;16252](https://github.com/spring-projects/spring-security/pull/16252) - CI is not using the correct secret for Develocity [#&#8203;16263](https://github.com/spring-projects/spring-security/issues/16263) - Dark mode rendering issue with images on CSRF and Method Security pages [#&#8203;16176](https://github.com/spring-projects/spring-security/issues/16176) - DefaultSaml2AuthenticatedPrincipal should define a serialVersionUID [#&#8203;16163](https://github.com/spring-projects/spring-security/issues/16163) - Delay initialization of AuthenticationProvider in Global Authentication [#&#8203;16147](https://github.com/spring-projects/spring-security/issues/16147) - Fix Documentation Typos [#&#8203;16054](https://github.com/spring-projects/spring-security/pull/16054) - Correct OAuth2ClientHttpRequestInterceptor Usage Documentation [#&#8203;16172](https://github.com/spring-projects/spring-security/pull/16172) - Fix Typo in 'What's New' Documentation [#&#8203;16183](https://github.com/spring-projects/spring-security/pull/16183) - Fix WebAuthnWebdriverTests [#&#8203;16279](https://github.com/spring-projects/spring-security/pull/16279) - Correct OpenSAML 5.x Documentation [#&#8203;16195](https://github.com/spring-projects/spring-security/pull/16195) - Issue when using `@AuthenticationPrincipal` on interfaces [#&#8203;16177](https://github.com/spring-projects/spring-security/issues/16177) - Mutate breaks functionality of StrictFirewallHttpHeaders with recently modified HttpHeaders#writabeHttpHeaders [#&#8203;16261](https://github.com/spring-projects/spring-security/issues/16261) - Remove duplicate cache in AuthenticationPrincipalArgumentResolverand CurrentSecurityContextArgumentResolver [#&#8203;16202](https://github.com/spring-projects/spring-security/pull/16202) - Resolve ObjectPostProcessor collisions between RSocket and WebFlux security configuration [#&#8203;16161](https://github.com/spring-projects/spring-security/issues/16161) - Restore `@AuthenticationPrincipal`/`@CurrentSecurityContext` Interface Support [#&#8203;16245](https://github.com/spring-projects/spring-security/pull/16245) - Restore Servlet 5 Compatiblity for CookieCsrfTokenRepository [#&#8203;16220](https://github.com/spring-projects/spring-security/issues/16220) - Spelling error in opensaml.adoc [#&#8203;16146](https://github.com/spring-projects/spring-security/pull/16146) - Update document regarding PublicKeyCredentialCreationOptions.attestation value [#&#8203;16264](https://github.com/spring-projects/spring-security/pull/16264) - Verification Options Should Return Saved Transports for Credentials [#&#8203;16084](https://github.com/spring-projects/spring-security/issues/16084) #### :hammer: Dependency Upgrades - Bump com.fasterxml.jackson:jackson-bom from 2.18.1 to 2.18.2 [#&#8203;16184](https://github.com/spring-projects/spring-security/pull/16184) - Bump com.webauthn4j:webauthn4j-core from 0.28.2.RELEASE to 0.28.3.RELEASE [#&#8203;16203](https://github.com/spring-projects/spring-security/pull/16203) - Bump io.micrometer:micrometer-observation from 1.14.1 to 1.14.2 [#&#8203;16255](https://github.com/spring-projects/spring-security/pull/16255) - Bump io.projectreactor:reactor-bom from 2023.0.12 to 2023.0.13 [#&#8203;16256](https://github.com/spring-projects/spring-security/pull/16256) - Bump org.gradle.wrapper-upgrade from 0.11.4 to 0.12 [#&#8203;16209](https://github.com/spring-projects/spring-security/pull/16209) - Bump org.gretty:gretty from 4.1.5 to 4.1.6 [#&#8203;16247](https://github.com/spring-projects/spring-security/pull/16247) - Bump org.hibernate.orm:hibernate-core from 6.6.2.Final to 6.6.3.Final [#&#8203;16145](https://github.com/spring-projects/spring-security/pull/16145) - Bump org.htmlunit:htmlunit from 4.6.0 to 4.7.0 [#&#8203;16205](https://github.com/spring-projects/spring-security/pull/16205) - Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.22 to 4.33.23 [#&#8203;16180](https://github.com/spring-projects/spring-security/pull/16180) - Bump org.seleniumhq.selenium:htmlunit3-driver from 4.26.0 to 4.27.0 [#&#8203;16204](https://github.com/spring-projects/spring-security/pull/16204) - Bump org.seleniumhq.selenium:selenium-java from 4.26.0 to 4.27.0 [#&#8203;16167](https://github.com/spring-projects/spring-security/pull/16167) - Bump org.springframework.data:spring-data-bom from 2024.1.0 to 2024.1.1 [#&#8203;16290](https://github.com/spring-projects/spring-security/pull/16290) - Bump org.springframework.ldap:spring-ldap-core from 3.2.8 to 3.2.10 [#&#8203;16270](https://github.com/spring-projects/spring-security/pull/16270) - Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 [#&#8203;16271](https://github.com/spring-projects/spring-security/pull/16271) #### :nut_and_bolt: Build Updates - Bump `@antora`/collector-extension from 1.0.0 to 1.0.1 in /docs [#&#8203;16239](https://github.com/spring-projects/spring-security/pull/16239) - Bump antora from 3.2.0-alpha.6 to 3.2.0-alpha.8 in /docs [#&#8203;16237](https://github.com/spring-projects/spring-security/pull/16237) - Bump gradle/gradle-build-action from 2 to 3 [#&#8203;16278](https://github.com/spring-projects/spring-security/pull/16278) - Remove 5.8.x and 6.2.x dependabot configuration [#&#8203;16268](https://github.com/spring-projects/spring-security/issues/16268) - Remove 5.8.x from Auto Merge Forward Dependabot PRs [#&#8203;15770](https://github.com/spring-projects/spring-security/issues/15770) #### :heart: Contributors Thank you to all the contributors who worked on this release: [@&#8203;12OneTwo12](https://github.com/12OneTwo12), [@&#8203;Kehrlann](https://github.com/Kehrlann), [@&#8203;MuhammadNFadhil](https://github.com/MuhammadNFadhil), [@&#8203;OrangeDog](https://github.com/OrangeDog), [@&#8203;Spikhalskiy](https://github.com/Spikhalskiy), [@&#8203;dependabot](https://github.com/dependabot)\[bot], [@&#8203;harpreets789](https://github.com/harpreets789), [@&#8203;kse-music](https://github.com/kse-music), [@&#8203;martin-tarjanyi](https://github.com/martin-tarjanyi), [@&#8203;ngocnhan-tran1996](https://github.com/ngocnhan-tran1996), and [@&#8203;ynojima](https://github.com/ynojima) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4zMC4wIiwidXBkYXRlZEluVmVyIjoiMzkuMzAuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Renovate Bot (Automatisiert) added 1 commit 2024-12-17 01:02:26 +01:00
Update dependency org.springframework.security:spring-security-crypto to v6.4.2
All checks were successful
Keycloak mailcow Build / Build und Bereitstellung (pull_request) Successful in 14s
Details
Keycloak mailcow Build / Build und Bereitstellung (push) Successful in 13s
Details
af301d73e0
Renovate Bot (Automatisiert) scheduled this pull request to auto merge when all checks succeed 2024-12-17 01:02:27 +01:00
Renovate Bot (Automatisiert) merged commit af301d73e0 into main 2024-12-17 01:03:39 +01:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
Art
Feature
Dieses Issue behandelt ein neues Feature
Art
Problem
Dieses Issue beschreibt ein bestehendes Problem
Art
Verbesserung
Die beschriebene Veränderung verbessert ein bestehendes Feature.
Automatisiert
Dieses Issue wird von einer Maschine verwaltet.
Bereich
Infrastruktur
Dieses Issue betrifft den internen Infrastruktur-Aufbau
Bereich
Intern
Dieses Issue betrifft eine interne Angelegenheit
Bereich
Öffentlich
Dieses Issue betrifft einen öffentlichen Bereich des Diensts
Priorität
gering
Priorität
hoch
Priorität
zeitnah
Status
Abstellgleis
Dieses Issue kann voraussichtlich nicht in nächster Zeit gelöst werden.
Status
Vorschlag
Die beschriebene Veränderung ist ein Vorschlag und steht zur Diskussion
Status
zu untersuchen
Der Ursprung dieses Problems ist noch unklar.
Zuarbeit
Dieses Issue erfordert externe Zuarbeit
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: gcg/keycloak-mailcow#30
No description provided.
Delete Branch "renovate/version.springsec"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?