Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade Spring Security 6.2.1 -> 6.2.2 #1038

Merged
merged 1 commit into from
Feb 19, 2024
Merged

Upgrade Spring Security 6.2.1 -> 6.2.2 #1038

merged 1 commit into from
Feb 19, 2024

Conversation

Picnic-Bot
Copy link
Contributor

This PR contains the following updates:

Package Type Update Change
Spring Security (source) import patch 6.2.1 -> 6.2.2

Release Notes

spring-projects/spring-security (Spring Security)

v6.2.2

Compare Source

⭐ New Features

  • Configuration examples in docs are out of date #​14392

🪲 Bug Fixes

  • "Span wasn't started - an observation must be started (not only created)" (Micrometer) due to observation handling in Spring Security Web? #​14568
  • HandlerMappingIntrospectorRequestTransformer is registered twice in AOT #​14367
  • OAuth2AuthorizationExchange is not serializable #​14405
  • WebTestUtilsTestRuntimeHints should implement RuntimeHintsRegistrar #​14468
  • Application context fails to load: Couldn't find FilterChainProxy #​14380
  • Back-Channel Logout should use localhost for internal logout request #​14553
  • Cannot configure SecurityContextRepository in CasAuthenticationFilter #​14536
  • Documentation about configuring SecuritySocketAcceptorInterceptor in Spring Boot is confusing #​14348
  • fix typo in anonymous.adoc #​14424
  • fix: typo in Authentication Architecture ProviderManager #​14448
  • Missing native-image reflection hint for HandlerMappingIntrospectorCachFilterFactoryBean #​14377
  • Missing native-image reflection hint for CsrfTokenRequestAttributeHandler$SupplierCsrfToken #​14470
  • ReactiveMethodSecurityConfiguration is initialized prematurely when the context contains a BeanPostProcessor #​14350
  • SAML relying party logout filter is always ordered last #​14551
  • Spring Security 6.2 defaults to InMemoryOidcSessionRegistry causing memory leaks in distributed systems with external session storage #​14558
  • Test using @WithMockUser fails with 401 UNAUTHORIZED with 3.2 #​14207
  • Typo: Update authorize-http-requests.adoc #​14563
  • Unexpected Exception Handling in NimbusReactiveJwtDecoder decode Method #​14496
  • X-Xss-Protection header "1; mode=block" differs in Servlet and Reactive #​14346

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.15.3 to 2.15.4 #​14617
  • Bump Gamesight/slack-workflow-status from 1.2.0 to 1.3.0 #​14582
  • Bump Gradle Wrapper from 8.5 to 8.6 #​14547
  • Bump gradle/gradle-build-action from 2 to 3 #​14503
  • Bump io-spring-javaformat from 0.0.40 to 0.0.41 #​14439
  • Bump io.micrometer:micrometer-observation from 1.12.1 to 1.12.2 #​14429
  • Bump io.micrometer:micrometer-observation from 1.12.2 to 1.12.3 #​14589
  • Bump io.mockk:mockk from 1.13.8 to 1.13.9 #​14412
  • Bump io.projectreactor:reactor-bom from 2023.0.1 to 2023.0.2 #​14430
  • Bump io.projectreactor:reactor-bom from 2023.0.2 to 2023.0.3 #​14612
  • Bump io.spring.ge.conventions from 0.0.14 to 0.0.15 #​14463
  • Bump org-aspectj from 1.9.21 to 1.9.21.1 #​14605
  • Bump org-eclipse-jetty from 11.0.18 to 11.0.19 #​14354
  • Bump org-eclipse-jetty from 11.0.19 to 11.0.20 #​14518
  • Bump org.apereo.cas.client:cas-client-core from 4.0.3 to 4.0.4 #​14440
  • Bump org.jetbrains.kotlin:kotlin-bom from 1.9.21 to 1.9.22 #​14364
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.21 to 1.9.22 #​14363
  • Bump org.junit:junit-bom from 5.10.1 to 5.10.2 #​14543
  • Bump org.slf4j:slf4j-api from 2.0.10 to 2.0.11 #​14422
  • Bump org.slf4j:slf4j-api from 2.0.11 to 2.0.12 #​14554
  • Bump org.slf4j:slf4j-api from 2.0.9 to 2.0.10 #​14387
  • Bump org.springframework.data:spring-data-bom from 2023.1.1 to 2023.1.2 #​14455
  • Bump org.springframework.data:spring-data-bom from 2023.1.2 to 2023.1.3 #​14624
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.1 to 3.2.2 #​14616
  • Bump org.springframework:spring-framework-bom from 6.1.2 to 6.1.3 #​14454
  • Bump org.springframework:spring-framework-bom from 6.1.3 to 6.1.4 #​14615
  • Bump slackapi/slack-github-action from 1.24.0 to 1.25.0 #​14504
  • Bump spring-io/spring-github-workflows from eaf17a1 to 1e8b058 #​14583

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Amitmahato, @​andreasbuechel, @​boulce, and @​dependabot[bot]

  • If you want to rebase/retry this PR, check this box

@Picnic-Bot
Copy link
Contributor Author

Picnic-Bot commented Feb 17, 2024
edited by Stephan202
Loading

Suggested commit message:

Upgrade Spring Security 6.2.1 -> 6.2.2 (#1038)

See:
- https://github.com/spring-projects/spring-security/releases/tag/6.2.2
- https://github.com/spring-projects/spring-security/compare/6.2.1...6.2.2

@Stephan202 Stephan202 added this to the 0.16.0 milestone Feb 17, 2024
@Picnic-Bot Picnic-Bot force-pushed the renovate/spring-security-6.x branch 2 times, most recently from 5865c1b to 2d11549 Compare February 19, 2024 02:01
@rickie rickie force-pushed the renovate/spring-security-6.x branch from 2d11549 to 2243e24 Compare February 19, 2024 07:15
@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@rickie rickie merged commit 34b57b7 into master Feb 19, 2024
15 checks passed
@rickie rickie deleted the renovate/spring-security-6.x branch February 19, 2024 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rickie rickie rickie approved these changes

@Stephan202 Stephan202 Stephan202 approved these changes

Assignees
No one assigned
Labels
dependencies
Milestone
0.16.0
Development

Successfully merging this pull request may close these issues.
3 participants
@Picnic-Bot @Stephan202 @rickie