Skip to content

Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 18, 2025
Merged

Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935

merged 1 commit into from
Mar 18, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 18, 2025
edited
Loading

Bumps org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.5.0-M3

⭐ New Features

  • Add HttpsRedirectFilter #16678
  • Add BadCredentialsException to OneTimeTokenAuthenticationProvider #16506
  • Add customizable RowMappers for user details and authorities in JdbcUserDetailsManager #16561
  • Add JwtAudienceValidator #16682
  • Add page section to migration-7 #16663
  • Add PathPatternRequestMatcher #16499
  • Add PathPatternRequestMatcher #16429
  • Add SingleResultAuthorizationManager #16612
  • Add support for automatic context-propagation with Micrometer #16665
  • Add Support ServerFormPostRedirectStrategy #16551
  • Add Type Validator #16672
  • Allow at+jwt, according to RFC-9068 #13186
  • Deprecate ChannelDecisionManager and components #16681
  • Deprecate ChannelSecurityConfigurer and components #16680
  • JwtDecoders should support issuer hostnames containing underscores #15853
  • Make DefaultOneTimeToken Serializable #16618
  • Polish AbstractAuthenticationTargetUrlRequestHandler #16557
  • Refactored Http403ForbiddenEntryPoint to use HttpStatus.FORBIDDEN.value #16616
  • Replace HttpSecurity#requiresChannel with HttpSecurity#redirectToHttps #16679
  • Use PortResolver Beans by Default #16664

🪲 Bug Fixes

  • Add missing migration-7/web.adoc to nav.adoc #16661
  • Add testRuntimeOnly junit-platform-launcher #16757
  • Disable Flaky WebAuthnWebDriverTests #16754
  • Fix JdbcUserCredentialRepository Save #16621
  • Fix ordering for security filter configuration #16558
  • Fix source type of migration-7/web.adoc #16662

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 #16654
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #16689
  • Bump com.webauthn4j:webauthn4j-core from 0.28.5.RELEASE to 0.28.6.RELEASE #16690
  • Bump io.freefair.gradle:aspectj-plugin from 8.12.2.1 to 8.13 #16723
  • Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5 #16716
  • Bump io.mockk:mockk from 1.13.16 to 1.13.17 #16674
  • Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 #16722
  • Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final #16745
  • Bump org.htmlunit:htmlunit from 4.9.0 to 4.10.0 #16639
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to 4.34.1 #16671
  • Bump org.junit:junit-bom from 5.11.4 to 5.12.0 #16643
  • Bump org.junit:junit-bom from 5.11.4 to 5.12.1 #16744
  • Bump org.mockito:mockito-bom from 5.16.0 to 5.16.1 #16746
  • Bump org.seleniumhq.selenium:htmlunit3-driver from 4.28.0 to 4.29.0 #16641
  • Bump org.seleniumhq.selenium:selenium-java from 4.28.1 to 4.29.0 #16625

... (truncated)

Commits
  • f87a9ea Release 6.5.0-M3
  • 32069f5 Bump org.junit:junit-bom from 5.11.4 to 5.12.1
  • c8fea96 Merge branch '6.4.x'
  • 04f530b opensamlFiveTest.extendsFrom testRuntimeOnly
  • 40d0642 Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4
  • 1ccd407 Merge branch '6.4.x'
  • bf619fc Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4
  • 5df6179 Merge branch '6.4.x'
  • 488de5a Merge branch '6.3.x' into 6.4.x
  • 709d9bc Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the type: dependency-upgrade A dependency upgrade label Mar 18, 2025
@jgrandja jgrandja self-assigned this Mar 18, 2025
@jgrandja jgrandja added this to the 1.5.0-M2 milestone Mar 18, 2025
@dependabot
Bump org.springframework.security:spring-security-bom
ff46c84 
Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 6.5.0-M2 to 6.5.0-M3.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.0-M2...6.5.0-M3)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/main/org.springframework.security-spring-security-bom-6.5.0-M3 branch from 63cd589 to ff46c84 Compare March 18, 2025 14:17
@jgrandja jgrandja merged commit b5e7c1b into main Mar 18, 2025
9 checks passed
@dependabot dependabot bot deleted the dependabot/gradle/main/org.springframework.security-spring-security-bom-6.5.0-M3 branch March 18, 2025 14:27
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@jgrandja jgrandja

Labels
type: dependency-upgrade A dependency upgrade
Projects
None yet
Milestone
1.5.0-M2
Development

Successfully merging this pull request may close these issues.
1 participant
@jgrandja