77.30.0

What's Changed

Fixes

• fix: accept application/jwk-set+json when fetching JWKs by @mikeroda in #3365
• fix cast exception with login_hint to /login by @strehle in #3368
• fix saml validation and allow again only encrypted assertions by @strehle in #3361
• fix federated credential administration by @strehle in #3377
• Remove response X-XSS-Protection header by @strehle in #3362

Misc

• Move multitenant-endpoints.xml to javaconfig by @Kehrlann in #3355
• remove oauth-endpoints.xml by @fhanik in #3364

Dependency Bumps

• build(deps): bump nokogiri from 1.18.3 to 1.18.4 in /uaa/slate by @dependabot in #3367
• build(deps): bump versions.seleniumVersion from 4.29.0 to 4.30.0 by @dependabot in #3369
• build(deps): bump github.com/onsi/gomega from 1.36.2 to 1.36.3 in /k8s by @dependabot in #3371
• build(deps): bump org.sonarsource.scanner.gradle:sonarqube-gradle-plugin from 6.0.1.5171 to 6.1.0.5360 by @dependabot in #3373
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 7.1.0.202411261347-r to 7.2.0.202503040940-r by @dependabot in #3359
• build(deps): bump versions.guavaVersion from 33.4.0-jre to 33.4.5-jre by @dependabot in #3358
• build(deps): bump versions.guavaVersion from 33.4.5-jre to 33.4.6-jre by @dependabot in #3375
• build(deps): bump joda-time:joda-time from 2.13.1 to 2.14.0 by @dependabot in #3378

Full Changelog: v77.29.0...v77.30.0