github spring-projects/spring-security 6.0.0-M7
on GitHub

latest releases: 6.4.0-RC1, 5.7.13, 5.8.15...
pre-release2 years ago

⏪ Breaking Changes

  • csrfRequestAttributeName = _csrf #11764
  • Remove Configuration meta-annotation from Enable* annotations #11653
  • Remove unsafe/deprecated Encryptors.querableText(CharSequence,CharSequence) #8980
  • Use SHA256 by default in Remember Me #11520

⭐ New Features

  • Add native hints for basic @PostAuthorize usage #11737
  • Add native-image support for PreAuthorize #11446
  • Performance enhancement in HttpSessionRequestCache #11750
  • Remove FilterSecurityInterceptor from WebSecurity #11325
  • Remove setAuthenticationManager from HttpSecurityConfiguration #11776

🪲 Bug Fixes

  • Document in xsd security-context-explicit-save defaults to true #11773
  • Fix IP address parse error message in IpAddressMatcher#parseAddress() #11713
  • NamespaceLdapAuthenticationProviderTests Should Use Dynamic Port #11710
  • org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal fails to return more than one "attribute" #11042
  • Sources and javadocs missing in latest snapshots #10602
  • Update javadoc of HttpSecurity, WebSecurityConfiguration and WebSecurity to reflect deprecation of WebSecurityConfigurerAdapter #11288

🔨 Dependency Upgrades

  • Update aspectj-plugin to 6.5.1 #11859
  • Update com.nimbusds to 9.43.1 #11858
  • Update Gradle Enterprise plugin to 3.11.1 #11832
  • Update hibernate-core to 6.1.3.Final #11867
  • Update hsqldb to 2.7.0 #11868
  • Update htmlunit to 2.64.0 #11865
  • Update htmlunit-driver to 2.64.0 #11872
  • Update io.projectreactor to 3.5.0-M6 #11861
  • Update io.rsocket to 1.1.3 #11863
  • Update jackson-bom to 2.13.4 #11855
  • Update jackson-databind to 2.13.4 #11856
  • Update jackson-datatype-jsr310 to 2.13.4 #11857
  • Update jakarta.inject to 2.0.1 #11864
  • Update junit-bom to 5.9.0 #11870
  • Update logback-classic to 1.4.1 #11854
  • Update mockk to 1.12.8 #11860
  • Update org.eclipse.jetty to 11.0.12 #11866
  • Update org.mockito to 4.8.0 #11871
  • Update org.springframework to 6.0.0-M6 #11833
  • Update reactor-netty to 1.1.0-M6 #11862
  • Update to mockito 4.7.0 #11749
  • Upgrade to Spring LDAP 3.0.0-M3 #11718

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Check out latest releases or
releases around spring-projects/spring-security 6.0.0-M7

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.

Get notifications