Skip to content

chore(deps): bump spring-security.version from 6.1.0 to 6.1.1 #602

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
deki merged 1 commit into from
Jun 28, 2023
Merged

chore(deps): bump spring-security.version from 6.1.0 to 6.1.1 #602

deki merged 1 commit into from
Jun 28, 2023

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 26, 2023

Bumps spring-security.version from 6.1.0 to 6.1.1.
Updates spring-security-web from 6.1.0 to 6.1.1

Release notes

Sourced from spring-security-web's releases.

6.1.1

⭐ New Features

  • Add initial Native section to reference docs #13236
  • Align Resource Server documentation with Boot's capabilities #13239
  • Convert to Asciidoctor Tabs #13407
  • Document How to Handle Method Security in Native Image #13237
  • Improve javadoc about deprecation of .and() and non-Customizer methods #13273
  • Make eclipse/vscode project import work #13284
  • Mention that authorizeHttpRequests does not support GrantedAuthorityDefaults #13229
  • mockOAuth2Login() does not work in collaboration with Spring Cloud Gateway and TokenRelayGatewayFilter #13254
  • Use Antora name of security #13331

🪲 Bug Fixes

  • Additional filters registered when using Custom DSL #13282
  • AOT Fails to proxy #13369
  • CasAuthenticationFilter.successfulAuthentication missing call to securityContextRepository.saveContext #13243
  • DefaultAuthorizationCodeTokenResponseClient.getTokenResponse(OAuth2AuthorizationCodeGrantRequest) can return null #13223
  • Deprecated hint on BasicAuthenticationFilter #13279
  • Document missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository #13193
  • Fix Antora Warnings #13294
  • Fix constant value in XContentTypeOptionsServerHttpHeadersWriter #13221
  • Fix Documentation Title #13318
  • Fix legacy-websocket-configuration cross-reference #13206
  • Fix type on method-security.adoc #13212
  • http://www.springframework.org/schema/security/spring-security.xsd returns 404 #13209
  • Migration to EnableMethodSecurity break Transactional on custom PermissionEvaluator #13218
  • No longer maintained net.sourceforge.nekohtml with known security issues #13287
  • Provide meaningful error when invalid client-authentication-method is provided #13309
  • Proxy Server section is not linked in nav #13324
  • Use consistent list of micrometer tags in web observation handler #13190
  • UserBuilder does not allow authorities to be overridden #13290

🔨 Dependency Upgrades

  • Update cas-client-core to 4.0.2 #13342
  • Update com.nimbusds to 9.43.3 #13335
  • Update hsqldb to 2.7.2 #13343
  • Update io.projectreactor to 2022.0.8 #13338
  • Update io.rsocket to 1.1.4 #13340
  • Update io.spring.javaformat to 0.0.39 #13341
  • Update logback-classic to 1.4.8 #13334
  • Update micrometer-observation to 1.10.8 #13337
  • Update org.jetbrains.kotlin to 1.8.22 #13344
  • Update org.springframework to 6.0.10 #13345
  • Update org.springframework.data to 2022.0.7 #13346
  • Update reactor-netty to 1.1.8 #13339
  • Update spring-ldap-core to 3.0.4 #13347
  • Update unboundid-ldapsdk to 6.0.9 #13336

... (truncated)

Commits

Updates spring-security-config from 6.1.1 to 6.1.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump spring-security.version from 6.1.0 to 6.1.1
207d4a7 
Bumps `spring-security.version` from 6.1.0 to 6.1.1.

Updates `spring-security-web` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.1.0...6.1.1)

Updates `spring-security-config` from 6.1.1 to 6.1.1
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.1.1...6.1.1)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-web
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.springframework.security:spring-security-config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 26, 2023
@deki deki merged commit 31858ae into main Jun 28, 2023
@dependabot dependabot bot deleted the dependabot/maven/spring-security.version-6.1.1 branch June 28, 2023 14:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@deki