Skip to content

Bump org.springframework.security:spring-security-config from 5.8.14 to 5.8.15 #945

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 14, 2024
Merged

Bump org.springframework.security:spring-security-config from 5.8.14 to 5.8.15 #945

merged 1 commit into from
Nov 14, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 22, 2024
edited
Loading

Bumps org.springframework.security:spring-security-config from 5.8.14 to 5.8.15.

Release notes

Sourced from org.springframework.security:spring-security-config's releases.

5.8.15

⭐ New Features

  • Address unnecessary method invocation in AbstractRequestMatcherRegistry #15718
  • The SecuredAuthorizationManager can now find @Secured annotations on … #15014

🪲 Bug Fixes

  • Disabling credentials erasure on custom AuthenticationManager is not working #15683
  • Methods annotated with @PostFilter are processed twice by PostFilterAuthorizationMethodInterceptor #15624
  • SecurityJackson2Modules.getModules(): Cannot load module org.springframework.security.cas.jackson2.CasJackson2Module #15749
  • The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15533

🔨 Dependency Upgrades

  • Bump io.projectreactor.tools:blockhound from 1.0.9.RELEASE to 1.0.10.RELEASE #15928
  • Bump org-eclipse-jetty from 9.4.55.v20240627 to 9.4.56.v20240826 #15730
  • Bump org.springframework.ldap:spring-ldap-core from 2.4.1 to 2.4.2 #15941

🔩 Build Updates

  • Bump @antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #15908
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #15837
  • Migrate slack notifications to GChat #15503
  • Release 5.8.15 #15963

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Commits
  • 72a208e Release 5.8.15
  • 542071b Merge Add Firewall for WebFlux
  • 4ce7cde Add Firewall for WebFlux
  • c66ee4a Bump org.springframework.ldap:spring-ldap-core from 2.4.1 to 2.4.2
  • 517ea7f Bump io.projectreactor.tools:blockhound
  • fe79766 Bump @​antora/collector-extension in /docs
  • 755e9f2 Bump @​springio/asciidoctor-extensions in /docs
  • 7b7a304 Polish gh-15533
  • 8a79102 Fix array values of additionalParameters
  • 0a4eb0f Update credential erasure examples
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added this to the 3.2.x milestone Oct 22, 2024
@jzheaux jzheaux modified the milestones: 3.2.x, 3.2.8 Nov 14, 2024
@jzheaux
Copy link
Collaborator

jzheaux commented Nov 14, 2024

@dependabot rebase

@dependabot
Bump org.springframework.security:spring-security-config
a8a8e16 
Bumps [org.springframework.security:spring-security-config](https://github.com/spring-projects/spring-security) from 5.8.14 to 5.8.15.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.8.14...5.8.15)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-config
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/3.2.x/org.springframework.security-spring-security-config-5.8.15 branch from ec982c9 to a8a8e16 Compare November 14, 2024 18:42
@jzheaux jzheaux merged commit b300ea3 into 3.2.x Nov 14, 2024
3 checks passed
@dependabot dependabot bot deleted the dependabot/gradle/3.2.x/org.springframework.security-spring-security-config-5.8.15 branch November 14, 2024 18:54
@jzheaux jzheaux self-assigned this Dec 12, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees

@jzheaux jzheaux

Labels
in: build type: dependency-upgrade A dependency upgrade
Projects
None yet
Milestone
3.2.8
Development

Successfully merging this pull request may close these issues.
1 participant
@jzheaux