What's Changed
- Switch pre-commit to ASF approved prek-action by @jbampton in #2705
- chore(deps): bump https://github.com/zizmorcore/zizmor-pre-commit from v1.24.1 to 1.25.2 in the pre-commit-hooks group by @dependabot[bot] in #2709
- chore(deps): bump org.apache.commons:commons-configuration2 from 2.14.0 to 2.15.0 by @dependabot[bot] in #2706
- [#2704] [#2710] Fixed Session fixation-related regressions by @lprimak in #2711
- chore(deps): bump org.apache:apache from 37 to 38 by @dependabot[bot] in #2700
- chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.6 to 0.25.7 by @dependabot[bot] in #2699
- chore(deps): bump slf4j.version from 2.0.17 to 2.0.18 by @dependabot[bot] in #2694
- Add AGENTS.md + SECURITY.md linking the project's security model by @potiuk in #2702
- chore(deps): bump log4j.version from 2.25.4 to 2.26.0 by @dependabot[bot] in #2697
- chore(deps): bump the github-actions-dependencies group with 3 updates by @dependabot[bot] in #2696
- chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.22 to 1.3.0 by @dependabot[bot] in #2698
- chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.10 to 3.6.11 by @dependabot[bot] in #2729
- chore(deps): bump org.apache.cxf:cxf-bom from 3.6.10 to 3.6.11 by @dependabot[bot] in #2728
- chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.7 to 0.26.0 by @dependabot[bot] in #2727
- chore(deps): bump org.omnifaces:omnifaces from 3.14.20 to 3.14.21 by @dependabot[bot] in #2725
- chore(deps): bump org.apache.commons:commons-configuration2 from 2.15.0 to 2.15.1 by @dependabot[bot] in #2724
- chore(deps): bump the github-actions-dependencies group with 3 updates by @dependabot[bot] in #2723
- chore(deps-dev): bump arquillian.core.version from 1.10.1.Final to 1.10.2.Final by @dependabot[bot] in #2722
- chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.10 to 3.6.11 by @dependabot[bot] in #2721
- [CI] Add pre-commit hook to validate the CITATION file; Add missing required field
messageby @jbampton in #2717 - [CI] Add hook to validate dependabot.yml with pre-commit by @jbampton in #2716
- chore: add branch protection rules by @lprimak in #2701
- chore(deps): bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 by @dependabot[bot] in #2748
- chore(deps): bump ch.qos.logback:logback-core from 1.5.32 to 1.5.34 by @dependabot[bot] in #2749
- chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.14 to 0.8.15 by @dependabot[bot] in #2765
- chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates by @dependabot[bot] in #2756
- chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.1 to 5.0.0 by @dependabot[bot] in #2753
- chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.6 to 3.3.7 by @dependabot[bot] in #2750
- chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.26.0 to 0.26.1 by @dependabot[bot] in #2751
- [CI] Pin to sha all pre-commit hooks and clean up by @jbampton in #2730
- Configure EditorConfig for more file types by @jbampton in #2747
- Update and expand the CITATION file by @jbampton in #2766
- chore(deps): bump bytebuddy.version from 1.18.8 to 1.18.10 by @dependabot[bot] in #2752
- [#2760] chore: update shiro.doap file with more recent versions and maintainers by @lprimak in #2768
- chore(jacoco): added exclusion for weld client proxy by @lprimak in #2769
- [#2758] Deprecate RandomSessionIdGenerator due to insufficient entropy by @lprimak in #2770
New Contributors
Full Changelog: shiro-root-2.2.0...shiro-root-2.2.1
Contributors
jbampton, potiuk, and 2 other contributors