Bump spring-security.version from 5.1.3.RELEASE to 5.2.2.RELEASE in /dspace-rest

[dependabot]

Bumps spring-security.version from 5.1.3.RELEASE to 5.2.2.RELEASE.

Updates spring-security-core from 5.1.3.RELEASE to 5.2.2.RELEASE

Release notes

Sourced from spring-security-core's releases.

5.2.2.RELEASE

⭐ New Features

• Don't cache requests with Accept: text/event-stream by default. #7744
• Provide reactive implementation of AuthorizedClientServiceOAuth2AuthorizedClientManager #7717
• Remove redundant validation for redirect-uri #7707
• Polish oauth2-client Error-handling Tests #7647
• Remove unnecessary code in SecurityExpressionRoot #7635
• Extract HTTPS Documentation #7626
• Remove unnecessary code in SecurityExpressionRoot #7601
• Make jwks_uri optional for RFC 8414 and required for OpenID Connect #7573

🪲 Bug Fixes

• Form login requiresAuthenticationMatcher is not used in WebFlux #7867
• Form Login authenticationFailureHandler is not used in ServerHttpSecurity #7866
• BasicAuthenticationFilter ignores credentials charset #7859
• Default LDIF file not picked up in LDAP "unboundid" mode #7852
• Incorrect LDIF file example in LDAP documentation #7849
• Use the custom ServerRequestCache that the user configures #7753
• RequestCacheSpec not used on RedirectServerAuthenticationEntryPoint for OAuth2LoginSpec.configure #7751
• Disabling logout in WebFlux does nothing #7742
• Saml2Authentication isn't serializable #7739
• Docs ServerRSocketFactoryCustomizer->ServerRSocketFactoryProcessor #7738
• CompositeServerHttpHeadersWriter Should Execute Sequentially #7732
• DelegatingServerAuthenticationSuccessHandler Should Execute Sequentially #7729
• DelegatingServerLogoutHandler Should Execute Sequentially #7725
• WebFlux oauth2Login returns 500 when bad client credentials #7703
• Correctly configure authorization requests repository for OAuth2 login #7690
• Correctly configure authorization requests repository for OAuth2 login #7689
• DefaultReactiveOAuth2AuthorizedClientManager never calls UnAuthenticatedServerOAuth2AuthorizedClientRepository #7684
• Update @​MessageMapping to match input/output cardinality #7669
• Add http and https spring.schema mappings #7623
• Avoid toString in favor of getName in order to extract sid #6354

🔨 Dependency Upgrades

• Update to Spring Boot 2.2.4 #7909
• Update to org.slf4j 1.7.30 #7908
• Update to org.powermock 2.0.5 #7907
• Update to hibernate-validator 6.1.2.Final #7906
• Update to hibernate-entitymanager 5.4.10.Final #7905
• Update to org.aspectj 1.9.5 #7904
• Update to httpclient 4.5.11 #7903
• Update to commons-codec 1.14 #7899
• Update to com.squareup.okhttp3 3.14.6 #7898
• Update to Jackson 2.10.2 #7897
• Update to Reactor Dysprosium SR4 #7896
• Update to Spring Data Moore SR3 #7895
• Update to Spring Framework 5.2.3 #7894

... (truncated)

Commits

• 9a2b71d Release 5.2.2.RELEASE
• c4ccc96 Polish Error Messages for OpaqueTokenIntrospectors
• 6c31021 Update to Spring Boot 2.2.4
• a5b6b9a Update to org.slf4j 1.7.30
• 9e69102 Update to org.powermock 2.0.5
• ea809b0 Update to hibernate-validator 6.1.2.Final
• 8054239 Update to hibernate-entitymanager 5.4.10.Final
• 4648619 Update to org.aspectj 1.9.5
• 00b08bc Update to httpclient 4.5.11
• 6e0fbfc Update to commons-codec 1.14
• Additional commits viewable in compare view

Updates spring-security-web from 5.1.3.RELEASE to 5.2.2.RELEASE

Release notes

Sourced from spring-security-web's releases.

5.2.2.RELEASE

⭐ New Features

• Don't cache requests with Accept: text/event-stream by default. #7744
• Provide reactive implementation of AuthorizedClientServiceOAuth2AuthorizedClientManager #7717
• Remove redundant validation for redirect-uri #7707
• Polish oauth2-client Error-handling Tests #7647
• Remove unnecessary code in SecurityExpressionRoot #7635
• Extract HTTPS Documentation #7626
• Remove unnecessary code in SecurityExpressionRoot #7601
• Make jwks_uri optional for RFC 8414 and required for OpenID Connect #7573

🪲 Bug Fixes

• Form login requiresAuthenticationMatcher is not used in WebFlux #7867
• Form Login authenticationFailureHandler is not used in ServerHttpSecurity #7866
• BasicAuthenticationFilter ignores credentials charset #7859
• Default LDIF file not picked up in LDAP "unboundid" mode #7852
• Incorrect LDIF file example in LDAP documentation #7849
• Use the custom ServerRequestCache that the user configures #7753
• RequestCacheSpec not used on RedirectServerAuthenticationEntryPoint for OAuth2LoginSpec.configure #7751
• Disabling logout in WebFlux does nothing #7742
• Saml2Authentication isn't serializable #7739
• Docs ServerRSocketFactoryCustomizer->ServerRSocketFactoryProcessor #7738
• CompositeServerHttpHeadersWriter Should Execute Sequentially #7732
• DelegatingServerAuthenticationSuccessHandler Should Execute Sequentially #7729
• DelegatingServerLogoutHandler Should Execute Sequentially #7725
• WebFlux oauth2Login returns 500 when bad client credentials #7703
• Correctly configure authorization requests repository for OAuth2 login #7690
• Correctly configure authorization requests repository for OAuth2 login #7689
• DefaultReactiveOAuth2AuthorizedClientManager never calls UnAuthenticatedServerOAuth2AuthorizedClientRepository #7684
• Update @​MessageMapping to match input/output cardinality #7669
• Add http and https spring.schema mappings #7623
• Avoid toString in favor of getName in order to extract sid #6354

🔨 Dependency Upgrades

• Update to Spring Boot 2.2.4 #7909
• Update to org.slf4j 1.7.30 #7908
• Update to org.powermock 2.0.5 #7907
• Update to hibernate-validator 6.1.2.Final #7906
• Update to hibernate-entitymanager 5.4.10.Final #7905
• Update to org.aspectj 1.9.5 #7904
• Update to httpclient 4.5.11 #7903
• Update to commons-codec 1.14 #7899
• Update to com.squareup.okhttp3 3.14.6 #7898
• Update to Jackson 2.10.2 #7897
• Update to Reactor Dysprosium SR4 #7896
• Update to Spring Data Moore SR3 #7895
• Update to Spring Framework 5.2.3 #7894

... (truncated)

Commits

• 9a2b71d Release 5.2.2.RELEASE
• c4ccc96 Polish Error Messages for OpaqueTokenIntrospectors
• 6c31021 Update to Spring Boot 2.2.4
• a5b6b9a Update to org.slf4j 1.7.30
• 9e69102 Update to org.powermock 2.0.5
• ea809b0 Update to hibernate-validator 6.1.2.Final
• 8054239 Update to hibernate-entitymanager 5.4.10.Final
• 4648619 Update to org.aspectj 1.9.5
• 00b08bc Update to httpclient 4.5.11
• 6e0fbfc Update to commons-codec 1.14
• Additional commits viewable in compare view

Updates spring-security-config from 5.1.3.RELEASE to 5.2.2.RELEASE

Release notes

Sourced from spring-security-config's releases.

5.2.2.RELEASE

⭐ New Features

• Don't cache requests with Accept: text/event-stream by default. #7744
• Provide reactive implementation of AuthorizedClientServiceOAuth2AuthorizedClientManager #7717
• Remove redundant validation for redirect-uri #7707
• Polish oauth2-client Error-handling Tests #7647
• Remove unnecessary code in SecurityExpressionRoot #7635
• Extract HTTPS Documentation #7626
• Remove unnecessary code in SecurityExpressionRoot #7601
• Make jwks_uri optional for RFC 8414 and required for OpenID Connect #7573

🪲 Bug Fixes

• Form login requiresAuthenticationMatcher is not used in WebFlux #7867
• Form Login authenticationFailureHandler is not used in ServerHttpSecurity #7866
• BasicAuthenticationFilter ignores credentials charset #7859
• Default LDIF file not picked up in LDAP "unboundid" mode #7852
• Incorrect LDIF file example in LDAP documentation #7849
• Use the custom ServerRequestCache that the user configures #7753
• RequestCacheSpec not used on RedirectServerAuthenticationEntryPoint for OAuth2LoginSpec.configure #7751
• Disabling logout in WebFlux does nothing #7742
• Saml2Authentication isn't serializable #7739
• Docs ServerRSocketFactoryCustomizer->ServerRSocketFactoryProcessor #7738
• CompositeServerHttpHeadersWriter Should Execute Sequentially #7732
• DelegatingServerAuthenticationSuccessHandler Should Execute Sequentially #7729
• DelegatingServerLogoutHandler Should Execute Sequentially #7725
• WebFlux oauth2Login returns 500 when bad client credentials #7703
• Correctly configure authorization requests repository for OAuth2 login #7690
• Correctly configure authorization requests repository for OAuth2 login #7689
• DefaultReactiveOAuth2AuthorizedClientManager never calls UnAuthenticatedServerOAuth2AuthorizedClientRepository #7684
• Update @​MessageMapping to match input/output cardinality #7669
• Add http and https spring.schema mappings #7623
• Avoid toString in favor of getName in order to extract sid #6354

🔨 Dependency Upgrades

• Update to Spring Boot 2.2.4 #7909
• Update to org.slf4j 1.7.30 #7908
• Update to org.powermock 2.0.5 #7907
• Update to hibernate-validator 6.1.2.Final #7906
• Update to hibernate-entitymanager 5.4.10.Final #7905
• Update to org.aspectj 1.9.5 #7904
• Update to httpclient 4.5.11 #7903
• Update to commons-codec 1.14 #7899
• Update to com.squareup.okhttp3 3.14.6 #7898
• Update to Jackson 2.10.2 #7897
• Update to Reactor Dysprosium SR4 #7896
• Update to Spring Data Moore SR3 #7895
• Update to Spring Framework 5.2.3 #7894

... (truncated)

Commits

• 9a2b71d Release 5.2.2.RELEASE
• c4ccc96 Polish Error Messages for OpaqueTokenIntrospectors
• 6c31021 Update to Spring Boot 2.2.4
• a5b6b9a Update to org.slf4j 1.7.30
• 9e69102 Update to org.powermock 2.0.5
• ea809b0 Update to hibernate-validator 6.1.2.Final
• 8054239 Update to hibernate-entitymanager 5.4.10.Final
• 4648619 Update to org.aspectj 1.9.5
• 00b08bc Update to httpclient 4.5.11
• 6e0fbfc Update to commons-codec 1.14
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are up-to-date now, so this is no longer needed.