github spring-projects/spring-security 5.5.1
on GitHub

latest releases: 6.2.4, 6.1.9, 5.8.12...
2 years ago

⭐ New Features

  • Consider adding a link checker to build #9972
  • Use Job Outputs to Transmit Error #9928
  • Store one request by default in WebSessionOAuth2ServerAuthorizationRequestRepository #9917
  • Combine different OS Build in one CI Job #9798
  • Use GPG_PRIVATE_KEY directly #9778

🪲 Bug Fixes

  • Update links to point to migrated samples #9971
  • Add messaging to documentation about sample migration #9970
  • Fix broken links in docs #9969
  • CORS section is missing in Reactive reference documentation #9952
  • RSocket documentation mentions non-existent class #9950
  • Disabling logout keeps LogoutPageGeneratingWebFilter registered at /logout #9941
  • Missing log of "caused by" exception when OP document metadata cannot be reached #9939
  • Missing support for private_key_jwt in ClientRegistrations #9936
  • Allow client registration from issuer uri with no authorize_endpoint #9935
  • Missing support for urn:ietf:params:oauth:grant-type:jwt-bearer in ClientRegistrations #9934
  • Using the SecurityMockServerConfigurers.java requires the com.nimbusds oauth2-oidc-sdk on the classpath #9929
  • Jwt client authentication converter should detect new key #9927
  • Adding filters relative to custom ones is broken #9906
  • SEC-3139: Anonymous authentication token not passed to Controller #9890
  • Clarify quick start section in README #9885
  • RSocket and WebClient with Security refCount: 0 #9870
  • spring-security-config kotlin-stdlib-jdk8 dependency isn't optional #9864
  • Client credentials not correctly encoded in Basic Auth #9858
  • Docs should state default value for Resource Server validation clock skew is 60 seconds #9849
  • OidcClientInitiatedLogoutSuccessHandler url-encodes PostLogoutRedirectUri twice #9819
  • DefaultSpringSecurityContextSource can't handle spaces in baseDn #9806
  • OAuth2ErrorResponseErrorHandler throws IllegalArgumentException for a nonstandard HTTP status code response #9805
  • NPE in HttpSessionSecurityContextRepository.isTransientAuthentication #9801
  • Fix Build Scan in Build Windows CI Job #9797
  • GitHub Actions only Activated for main #9777
  • Artifactory missing mavenJava publication #9774
  • spring-security-core depends on spring-security-crypto #9773

🔨 Dependency Upgrades

  • Update org.springframework to 5.3.8 #9984
  • Update org.slf4j to 1.7.31 #9983
  • Update org.jetbrains.kotlin to 1.5.10 #9982
  • Update hibernate-entitymanager to 5.4.32.Final #9981
  • Update org.eclipse.jetty to 9.4.42.v20210604 #9980
  • Update io.rsocket to 1.1.1 #9979
  • Remove commons-codec constraint #9977
  • Update to OpenSAML 4.1.1 #9976
  • Update to nimbus-jose-jwt 9.10 #9975
  • Update to oauth2-oidc-sdk 9.9 #9974
Check out latest releases or
releases around spring-projects/spring-security 5.5.1

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.

Get notifications