Skip to content

NIFI-14582 - Bump Spring Security to 6.5.0, Spring Vault to 3.2.0, and others#9958

Merged
exceptionfactory merged 2 commits intoapache:mainfrom
pvillard31:NIFI-14582
May 20, 2025
Merged

NIFI-14582 - Bump Spring Security to 6.5.0, Spring Vault to 3.2.0, and others#9958
exceptionfactory merged 2 commits intoapache:mainfrom
pvillard31:NIFI-14582

Conversation

@pvillard31
Copy link
Contributor

@pvillard31 pvillard31 commented May 20, 2025
edited
Loading

Summary

NIFI-14582 - Bump Spring Security to 6.5.0, Spring Vault to 3.2.0, and others

Tracking

Please complete the following tracking steps prior to pull request creation.

Issue Tracking

Pull Request Tracking

  • Pull Request title starts with Apache NiFi Jira issue number, such as NIFI-00000
  • Pull Request commit message starts with Apache NiFi Jira issue number, as such NIFI-00000

Pull Request Formatting

  • Pull Request based on current revision of the main branch
  • Pull Request refers to a feature branch with one commit containing changes

Verification

Please indicate the verification steps performed prior to pull request creation.

Build

  • Build completed using mvn clean install -P contrib-check
    • JDK 21

Licensing

  • New dependencies are compatible with the Apache License 2.0 according to the License Policy
  • New dependencies are documented in applicable LICENSE and NOTICE files

Documentation

  • Documentation formatting appears as expected in rendered files

@pvillard31 pvillard31 marked this pull request as draft May 20, 2025 12:02
@pvillard31
Copy link
Contributor Author

pvillard31 commented May 20, 2025
edited
Loading

The bump to Spring Security 6.5.0 is problematic. Looking further into it.

Edit - We have a circular reference that does not seem to be OK anymore.

AuthenticationSecurityConfiguration ──(needs)──▶ Authorizer
      ▲                                      │
      │                                      │
      │                           FactoryBean.getObject()
      │                                      │
      └───(defined by)── AuthorizerConfiguration

@pvillard31 pvillard31 marked this pull request as ready for review May 20, 2025 13:10
pvillard31 added 2 commits May 20, 2025 15:55
@pvillard31
NIFI-14582 - Bump Spring Security to 6.5.0, Spring Vault to 3.2.0, an…
440ff95 
…d others

- Simple Syslog 5424 from 0.0.18 to 0.0.19 - https://github.com/palindromicity/simple-syslog-5424/releases/tag/simple-syslog-5424-0.0.19
- Spring Vault from 3.1.3 to 3.2.0 - https://github.com/spring-projects/spring-vault/releases/tag/3.2.0
- Spring Redis from 3.4.6 to 3.5.0 - https://github.com/spring-projects/spring-data-redis/releases/tag/3.5.0
- Spring Retry from 2.0.11 to 2.0.12 - https://github.com/spring-projects/spring-retry/releases/tag/v2.0.12
- Spring Security from 6.4.5 to 6.5.0 - https://github.com/spring-projects/spring-security/releases/tag/6.5.0
- XML Unit from 2.10.0 to 2.10.1 - https://github.com/xmlunit/xmlunit/releases/tag/v2.10.1
- JLine from 3.30.1 to 3.30.2 - https://github.com/jline/jline3/releases/tag/jline-3.30.2
- AWS SDK v2 from 2.31.44 to 2.31.46 - https://github.com/aws/aws-sdk-java-v2/blob/master/CHANGELOG.md
- Jedis from 5.2.0 to 6.0.0 - https://github.com/redis/jedis/releases/tag/v6.0.0

Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com>
@pvillard31
Fix Spring circular-reference with Authorizer
e19ee96
exceptionfactory
exceptionfactory approved these changes May 20, 2025
View reviewed changes
Copy link
Contributor

@exceptionfactory exceptionfactory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the upgrades and making the adjustments to the Spring Security Configuration @pvillard31, looks good! +1 merging

@exceptionfactory exceptionfactory merged commit 2b3da4c into apache:main May 20, 2025
10 checks passed
iadamcsik pushed a commit to iadamcsik/nifi that referenced this pull request Oct 22, 2025
@pvillard31 @taz1988
NIFI-14582 Bump Spring Security to 6.5.0, Spring Vault to 3.2.0, and …
770c03e 
…others (apache#9958)

- Simple Syslog 5424 from 0.0.18 to 0.0.19 - https://github.com/palindromicity/simple-syslog-5424/releases/tag/simple-syslog-5424-0.0.19
- Spring Vault from 3.1.3 to 3.2.0 - https://github.com/spring-projects/spring-vault/releases/tag/3.2.0
- Spring Redis from 3.4.6 to 3.5.0 - https://github.com/spring-projects/spring-data-redis/releases/tag/3.5.0
- Spring Retry from 2.0.11 to 2.0.12 - https://github.com/spring-projects/spring-retry/releases/tag/v2.0.12
- Spring Security from 6.4.5 to 6.5.0 - https://github.com/spring-projects/spring-security/releases/tag/6.5.0
- XML Unit from 2.10.0 to 2.10.1 - https://github.com/xmlunit/xmlunit/releases/tag/v2.10.1
- JLine from 3.30.1 to 3.30.2 - https://github.com/jline/jline3/releases/tag/jline-3.30.2
- AWS SDK v2 from 2.31.44 to 2.31.46 - https://github.com/aws/aws-sdk-java-v2/blob/master/CHANGELOG.md
- Jedis from 5.2.0 to 6.0.0 - https://github.com/redis/jedis/releases/tag/v6.0.0

- Fixed Spring circular-reference with Authorizer

Signed-off-by: David Handermann <exceptionfactory@apache.org>
(cherry picked from commit 2b3da4c)
(cherry picked from commit e521ecc0014dd89239d3c8faaee517c0b5a30996)
(cherry picked from commit fc1f89dc78513b6f8aa4742b502fea947a5218f2)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@exceptionfactory exceptionfactory exceptionfactory approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pvillard31 @exceptionfactory