Skip to content

Bump spring-security-core from 5.4.6 to 5.5.0 #244

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 18, 2021
Merged

Bump spring-security-core from 5.4.6 to 5.5.0 #244

merged 1 commit into from
May 18, 2021

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 18, 2021

Bumps spring-security-core from 5.4.6 to 5.5.0.

Release notes

Sourced from spring-security-core's releases.

5.5.0

⭐ New Features

  • Configure user name used for Gradle CI builds #9747
  • HttpSessionOAuth2AuthorizationRequestRepository storing one OAuth2AuthorizationRequest #9649
  • Incorrect javadoc in AuthorizationCodeOAuth2AuthorizedClientProvider #9708
  • Restore Dependency Constraints for commons-codec and commons-logging #8836
  • Stop CI Jobs on Forks #9717
  • Update javadoc AuthorizationCodeOAuth2AuthorizedClientProvider #9730

🔨 Dependency Upgrades

  • Update io.projectreactor to 2020.0.7 #9750
  • Update io.spring.nohttp to 0.0.8 #9753
  • Update org.springframework to 5.3.7 #9754
  • Update org.springframework.data to 2021.0.1 #9755
  • Update r2dbc-spi-test to 0.8.5.RELEASE #9752
  • Update spring-ldap-core to 2.3.4.RELEASE #9756
  • Update to com.gradle.enterprise 3.6.1 #9764
  • Update to Gradle. 6.9 #9758
  • Update to Kotlin 1.5.0 #9763

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

5.5.0-RC2

⏪ Breaking Changes

  • Rename DelegatingAuthorizationManager to RequestMatcherDelegatingAuthorizationManager #9692
  • Inline ResourceKeyConverterAdapter #9689

⭐ New Features

  • Add Ability to Exclude Minor Version Bump #9709
  • Add Task to Check if All Issues in GitHub Milestone are closed #9693
  • rename master->main #9683
  • Make Csrf cookie secure flag configurable (WebFlux) #9679
  • Make the cookie secure flag configurable in CookieServerCsrfTokenRepository #9678
  • Add RELEASE.adoc #9627

🔨 Dependency Upgrades

  • Update ehcache to 2.10.9.2 #9712
  • Update hibernate-entitymanager to 5.4.31.Final #9714

... (truncated)

Changelog

Sourced from spring-security-core's changelog.

$ ./scripts/release/wait-for-done.sh 5.5.0

= Announce the release on Slack

.... spring-security-announcing 5.5.0 is available. ....

= Tag the release

  • Tag the release and then push the tag

.... git tag 5.4.0-RC1 git push origin 5.4.0-RC1 ....

== 7. Update to Next Development Version

  • Update gradle.properties version to next +SNAPSHOT+ version and then push

== 8. Update version on project page

The following command will update https://spring.io/projects/spring-security#learn with the new release version using the following parameters

- Replace with a https://github.com/settings/tokens[GitHub personal access token] that has a scope of public_repo - Replace with the milestone you are releasing now (i.e. 5.5.0-RC1) - Replace with the previous release which will be removed from the listed versions (i.e. 5.5.0-M3)

[source,bash]

$ ./gradlew saganCreateRelease saganDeleteRelease -PgitHubAccessToken= -PnextVersion= -PpreviousVersion=

== 9. Update Release Notes on GitHub

Generate the Release Notes replacing:

  • - Replace with the milestone you are releasing now (i.e. 5.5.0-RC1)

$ ./gradlew generateChangelog -P

... (truncated)

Commits
  • abd1001 Fix SpringNexsPublishPlugin spacing in root
  • 39c5f3d Fix closeAndReleaseOssrhStagingRepository
  • 05dd693 Delay until PublishAllJavaComponentsPlugin
  • 0392495 Update GitHub Actions to use publishArtifacts
  • 4d25115 opensaml4MainCompile
  • 1491f2e Fix saml javadoc
  • 777a275 fix bom
  • b750f3b copyproperties for bom plugin
  • b0f661f Revert "Map optional dependencies to Maven"
  • d8e4f6c Revert "Management no longer operates on optional/provided to spring-security...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot requested a review from sjoerdtalsma May 18, 2021 07:16
sjoerdtalsma
sjoerdtalsma approved these changes May 18, 2021
View reviewed changes
Copy link
Contributor

@sjoerdtalsma sjoerdtalsma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All checks pass, dependency bump looks ok.

@sjoerdtalsma sjoerdtalsma merged commit dfb7f5c into develop May 18, 2021
@sjoerdtalsma sjoerdtalsma deleted the dependabot/maven/org.springframework.security-spring-security-core-5.5.0 branch May 18, 2021 14:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sjoerdtalsma sjoerdtalsma sjoerdtalsma approved these changes

Assignees

@sjoerdtalsma sjoerdtalsma

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sjoerdtalsma