Skip to content

Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #3353

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 18, 2025
Merged

Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #3353

merged 1 commit into from
Mar 18, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 18, 2025

Bumps org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.4.4

🪲 Bug Fixes

  • Add testRuntimeOnly junit-platform-launcher #16756
  • Align Method Traversal Algorithm with Spring Framework #16751
  • Disable Flaky WebAuthnWebDriverTests #16753
  • Fix @PostResult example in method-security doc #16628
  • Grammar Fixes in OAuth 2.0 JavaDoc #16619

🔨 Dependency Upgrades

  • Bump ch.qos.logback:logback-classic from 1.5.16 to 1.5.17 #16649
  • Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #16692
  • Bump com.webauthn4j:webauthn4j-core from 0.28.5.RELEASE to 0.28.6.RELEASE #16691
  • Bump io.micrometer:micrometer-observation from 1.14.4 to 1.14.5 #16715
  • Bump io.mockk:mockk from 1.13.16 to 1.13.17 #16675
  • Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16 #16725
  • Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final #16748
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.23 to 4.33.24 #16669
  • Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17 #16650
  • Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4 #16749
  • Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #16733

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Kuba15, @​dependabot[bot], and @​pat-mccusker

Commits
  • 3d9cd31 Release 6.4.4
  • 04f530b opensamlFiveTest.extendsFrom testRuntimeOnly
  • bf619fc Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4
  • 488de5a Merge branch '6.3.x' into 6.4.x
  • 709d9bc Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18
  • 067ed2b Bump org.springframework.data:spring-data-bom from 2024.1.3 to 2024.1.4
  • 1db6718 Bump org.hibernate.orm:hibernate-core from 6.6.10.Final to 6.6.11.Final
  • 41fc383 Merge branch '6.3.x' into 6.4.x
  • d9bb16e Bump io.projectreactor:reactor-bom from 2023.0.15 to 2023.0.16
  • 1111491 Bump org.springframework.data:spring-data-bom from 2024.0.9 to 2024.0.10
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump org.springframework.security:spring-security-bom
0cdc11d 
Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 6.4.3 to 6.4.4.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.4.3...6.4.4)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the type: dependency-upgrade A dependency upgrade label Mar 18, 2025
@github-actions github-actions bot added this to the 3.4.3 milestone Mar 18, 2025
@spring-builds spring-builds enabled auto-merge (rebase) March 18, 2025 03:19
@spring-builds spring-builds merged commit e642b66 into main Mar 18, 2025
5 checks passed
@dependabot dependabot bot deleted the dependabot/gradle/main/org.springframework.security-spring-security-bom-6.4.4 branch March 18, 2025 03:29
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
type: dependency-upgrade A dependency upgrade
Projects
None yet
Milestone
3.4.3
Development

Successfully merging this pull request may close these issues.
1 participant
@spring-builds