Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump version.springframework.security from 5.5.3 to 5.6.0 #1194

Merged
merged 1 commit into from
Nov 17, 2021
Merged

Bump version.springframework.security from 5.5.3 to 5.6.0 #1194

merged 1 commit into from
Nov 17, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 16, 2021

Bumps version.springframework.security from 5.5.3 to 5.6.0.
Updates spring-security-core from 5.5.3 to 5.6.0

Release notes

Sourced from spring-security-core's releases.

5.6.0-RC1

⏪ Breaking Changes

  • Conditionally resolve bearer token from request parameters #10340
  • DefaultBearerTokenResolver triggers processing of multipart content #10326
  • getClaimAsBoolean should not be falsy #10148
  • getClaimAsBoolean() should not be falsy #10356

⭐ New Features

  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10335
  • Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10336
  • Add postProcess support to Saml2LogoutConfigurer, closes gh-10311 #10339
  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10341
  • Add standard OAuth 2.0 error code invalid_redirect_uri #10370
  • Add Supplier JwtDecoders #10310
  • Allow Defining Custom SAML 2.0 Assertion Signature Validator #10264
  • Allow setting custom BodyExtractor to the AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10269
  • AuthenticationPrincipal argument type cannot be primitive #10172
  • Check for multiple access tokens per rfc 6750 #10302
  • Deprecate Kotlin methods that have equivalents using reified types #10365
  • Fix Antora cross-references that lead to other pages. #10345
  • Fix typo in digest.adoc #10304
  • Implement reactive support for JWT as an Authorization Grant #10327
  • Implement reactive support for JWT as an Authorization Grant #10147
  • Implement reactive support for JWT Client Authentication #10146
  • Improve Method Security logging #10279
  • Introduce JwtEncoder #9208
  • JwtDecoders and NimbusJwtDecoder should use the same JWKSource #10312
  • OAuth2LoginAuthenticationProvider information loss at exception handling #10228
  • please support lazily doing issuer checks (and all other checks) on startup for oauth resource servers #9991
  • Revamp OAuth 2.0 Client reactive documentation #10373
  • Saml2WebSsoAuthenticationFilter adds authentication details #10306
  • Saml2WebSsoAuthenticationFilter ignores the authentication details #7722
  • Structure101 Build Plugin #9768
  • Use Antora #5835

🔨 Dependency Upgrades

  • Update Gradle to 7.0 #9615
  • Update Gradle to 7.2 #10338

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits

Updates spring-security-crypto from 5.5.3 to 5.6.0

Release notes

Sourced from spring-security-crypto's releases.

5.6.0-RC1

⏪ Breaking Changes

  • Conditionally resolve bearer token from request parameters #10340
  • DefaultBearerTokenResolver triggers processing of multipart content #10326
  • getClaimAsBoolean should not be falsy #10148
  • getClaimAsBoolean() should not be falsy #10356

⭐ New Features

  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10335
  • Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10336
  • Add postProcess support to Saml2LogoutConfigurer, closes gh-10311 #10339
  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10341
  • Add standard OAuth 2.0 error code invalid_redirect_uri #10370
  • Add Supplier JwtDecoders #10310
  • Allow Defining Custom SAML 2.0 Assertion Signature Validator #10264
  • Allow setting custom BodyExtractor to the AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10269
  • AuthenticationPrincipal argument type cannot be primitive #10172
  • Check for multiple access tokens per rfc 6750 #10302
  • Deprecate Kotlin methods that have equivalents using reified types #10365
  • Fix Antora cross-references that lead to other pages. #10345
  • Fix typo in digest.adoc #10304
  • Implement reactive support for JWT as an Authorization Grant #10327
  • Implement reactive support for JWT as an Authorization Grant #10147
  • Implement reactive support for JWT Client Authentication #10146
  • Improve Method Security logging #10279
  • Introduce JwtEncoder #9208
  • JwtDecoders and NimbusJwtDecoder should use the same JWKSource #10312
  • OAuth2LoginAuthenticationProvider information loss at exception handling #10228
  • please support lazily doing issuer checks (and all other checks) on startup for oauth resource servers #9991
  • Revamp OAuth 2.0 Client reactive documentation #10373
  • Saml2WebSsoAuthenticationFilter adds authentication details #10306
  • Saml2WebSsoAuthenticationFilter ignores the authentication details #7722
  • Structure101 Build Plugin #9768
  • Use Antora #5835

🔨 Dependency Upgrades

  • Update Gradle to 7.0 #9615
  • Update Gradle to 7.2 #10338

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits

Updates spring-security-config from 5.5.3 to 5.6.0

Release notes

Sourced from spring-security-config's releases.

5.6.0-RC1

⏪ Breaking Changes

  • Conditionally resolve bearer token from request parameters #10340
  • DefaultBearerTokenResolver triggers processing of multipart content #10326
  • getClaimAsBoolean should not be falsy #10148
  • getClaimAsBoolean() should not be falsy #10356

⭐ New Features

  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10335
  • Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10336
  • Add postProcess support to Saml2LogoutConfigurer, closes gh-10311 #10339
  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10341
  • Add standard OAuth 2.0 error code invalid_redirect_uri #10370
  • Add Supplier JwtDecoders #10310
  • Allow Defining Custom SAML 2.0 Assertion Signature Validator #10264
  • Allow setting custom BodyExtractor to the AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10269
  • AuthenticationPrincipal argument type cannot be primitive #10172
  • Check for multiple access tokens per rfc 6750 #10302
  • Deprecate Kotlin methods that have equivalents using reified types #10365
  • Fix Antora cross-references that lead to other pages. #10345
  • Fix typo in digest.adoc #10304
  • Implement reactive support for JWT as an Authorization Grant #10327
  • Implement reactive support for JWT as an Authorization Grant #10147
  • Implement reactive support for JWT Client Authentication #10146
  • Improve Method Security logging #10279
  • Introduce JwtEncoder #9208
  • JwtDecoders and NimbusJwtDecoder should use the same JWKSource #10312
  • OAuth2LoginAuthenticationProvider information loss at exception handling #10228
  • please support lazily doing issuer checks (and all other checks) on startup for oauth resource servers #9991
  • Revamp OAuth 2.0 Client reactive documentation #10373
  • Saml2WebSsoAuthenticationFilter adds authentication details #10306
  • Saml2WebSsoAuthenticationFilter ignores the authentication details #7722
  • Structure101 Build Plugin #9768
  • Use Antora #5835

🔨 Dependency Upgrades

  • Update Gradle to 7.0 #9615
  • Update Gradle to 7.2 #10338

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits

Updates spring-security-web from 5.5.3 to 5.6.0

Release notes

Sourced from spring-security-web's releases.

5.6.0-RC1

⏪ Breaking Changes

  • Conditionally resolve bearer token from request parameters #10340
  • DefaultBearerTokenResolver triggers processing of multipart content #10326
  • getClaimAsBoolean should not be falsy #10148
  • getClaimAsBoolean() should not be falsy #10356

⭐ New Features

  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10335
  • Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10336
  • Add postProcess support to Saml2LogoutConfigurer, closes gh-10311 #10339
  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10341
  • Add standard OAuth 2.0 error code invalid_redirect_uri #10370
  • Add Supplier JwtDecoders #10310
  • Allow Defining Custom SAML 2.0 Assertion Signature Validator #10264
  • Allow setting custom BodyExtractor to the AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10269
  • AuthenticationPrincipal argument type cannot be primitive #10172
  • Check for multiple access tokens per rfc 6750 #10302
  • Deprecate Kotlin methods that have equivalents using reified types #10365
  • Fix Antora cross-references that lead to other pages. #10345
  • Fix typo in digest.adoc #10304
  • Implement reactive support for JWT as an Authorization Grant #10327
  • Implement reactive support for JWT as an Authorization Grant #10147
  • Implement reactive support for JWT Client Authentication #10146
  • Improve Method Security logging #10279
  • Introduce JwtEncoder #9208
  • JwtDecoders and NimbusJwtDecoder should use the same JWKSource #10312
  • OAuth2LoginAuthenticationProvider information loss at exception handling #10228
  • please support lazily doing issuer checks (and all other checks) on startup for oauth resource servers #9991
  • Revamp OAuth 2.0 Client reactive documentation #10373
  • Saml2WebSsoAuthenticationFilter adds authentication details #10306
  • Saml2WebSsoAuthenticationFilter ignores the authentication details #7722
  • Structure101 Build Plugin #9768
  • Use Antora #5835

🔨 Dependency Upgrades

  • Update Gradle to 7.0 #9615
  • Update Gradle to 7.2 #10338

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits

Updates spring-security-taglibs from 5.5.3 to 5.6.0

Release notes

Sourced from spring-security-taglibs's releases.

5.6.0-RC1

⏪ Breaking Changes

  • Conditionally resolve bearer token from request parameters #10340
  • DefaultBearerTokenResolver triggers processing of multipart content #10326
  • getClaimAsBoolean should not be falsy #10148
  • getClaimAsBoolean() should not be falsy #10356

⭐ New Features

  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10335
  • Add parameters converter support to AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10336
  • Add postProcess support to Saml2LogoutConfigurer, closes gh-10311 #10339
  • Add saml2.ValidIssuers parameter into SAML 2.0 Assertion Validators #10341
  • Add standard OAuth 2.0 error code invalid_redirect_uri #10370
  • Add Supplier JwtDecoders #10310
  • Allow Defining Custom SAML 2.0 Assertion Signature Validator #10264
  • Allow setting custom BodyExtractor to the AbstractWebClientReactiveOAuth2AccessTokenResponseClient #10269
  • AuthenticationPrincipal argument type cannot be primitive #10172
  • Check for multiple access tokens per rfc 6750 #10302
  • Deprecate Kotlin methods that have equivalents using reified types #10365
  • Fix Antora cross-references that lead to other pages. #10345
  • Fix typo in digest.adoc #10304
  • Implement reactive support for JWT as an Authorization Grant #10327
  • Implement reactive support for JWT as an Authorization Grant #10147
  • Implement reactive support for JWT Client Authentication #10146
  • Improve Method Security logging #10279
  • Introduce JwtEncoder #9208
  • JwtDecoders and NimbusJwtDecoder should use the same JWKSource #10312
  • OAuth2LoginAuthenticationProvider information loss at exception handling #10228
  • please support lazily doing issuer checks (and all other checks) on startup for oauth resource servers #9991
  • Revamp OAuth 2.0 Client reactive documentation #10373
  • Saml2WebSsoAuthenticationFilter adds authentication details #10306
  • Saml2WebSsoAuthenticationFilter ignores the authentication details #7722
  • Structure101 Build Plugin #9768
  • Use Antora #5835

🔨 Dependency Upgrades

  • Update Gradle to 7.0 #9615
  • Update Gradle to 7.2 #10338

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump version.springframework.security from 5.5.3 to 5.6.0
e7a934e 
Bumps `version.springframework.security` from 5.5.3 to 5.6.0.

Updates `spring-security-core` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.5.3...5.6.0)

Updates `spring-security-crypto` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.5.3...5.6.0)

Updates `spring-security-config` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.5.3...5.6.0)

Updates `spring-security-web` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.5.3...5.6.0)

Updates `spring-security-taglibs` from 5.5.3 to 5.6.0
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@5.5.3...5.6.0)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.springframework.security:spring-security-crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.springframework.security:spring-security-config
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.springframework.security:spring-security-web
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.springframework.security:spring-security-taglibs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 16, 2021
@CarstenHollmann CarstenHollmann merged commit 28a81a2 into develop Nov 17, 2021
@dependabot dependabot bot deleted the dependabot/maven/version.springframework.security-5.6.0 branch November 17, 2021 07:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@CarstenHollmann