github spring-projects/spring-security 6.2.0-RC1

latest releases: 6.4.0-RC1, 5.7.13, 5.8.15...
pre-release13 months ago

⭐ New Features

  • Add servletPath support to AuthorizeHttpRequests #13857
  • Allow AuthenticationConverter to be settable in BasicAuthenticationFilter #13989
  • Dependabot should consider minor versions for org.springframework* on main #14029
  • Document how to publish an AuthenticationManager @Bean without WebSecurityConfigurerAdapter #14016
  • Update doc references for forwarded headers support #13880
  • Use Gradle's Version Catalog #13872

🪲 Bug Fixes

  • Breaking change in AuthorizeHttpRequestsConfigurer #14012
  • Dependency convergence failed: nimbus-jose-jwt #13972
  • Fix snapshot_tests on CI workflow #13879
  • Fix parsing of GET SAML logout requests #14024
  • Saml-Metadata with special characters is corrupted #13862
  • Saml2LogoutRequestMixin relayState property should be binding #13943
  • Update http.adoc: IP number does not follow IP number format #13969

🔨 Dependency Upgrades

  • Bump com.fasterxml.jackson:jackson-bom from 2.15.2 to 2.15.3 #14005
  • Bump com.github.spullara.mustache.java:compiler from 0.9.10 to 0.9.11 #13983
  • Bump com.github.spullara.mustache.java:compiler from 0.9.4 to 0.9.10 #13929
  • Bump com.google.code.gson:gson from 2.8.6 to 2.8.9 #13962
  • Bump com.gradle.enterprise from 3.12.3 to 3.12.6 #13960
  • Bump com.unboundid:unboundid-ldapsdk from 6.0.9 to 6.0.10 #13932
  • Bump Gradle Wrapper from 8.3 to 8.4 #13975
  • Bump io.freefair.gradle:aspectj-plugin from 6.6-rc1 to 6.6.3 #13933
  • Bump io.mockk:mockk from 1.13.7 to 1.13.8 #13902
  • Bump io.spring.ge.conventions from 0.0.7 to 0.0.14 #13931
  • Bump org-apache-maven-resolver from 1.9.15 to 1.9.16 #13894
  • Bump org-eclipse-jetty from 11.0.16 to 11.0.17 #14002
  • Bump org.apache.maven:maven-resolver-provider from 3.9.4 to 3.9.5 #13963
  • Bump org.hibernate.orm:hibernate-core from 6.3.0.CR1 to 6.3.1.Final #13905
  • Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.29.0 to 4.29.4 #13964
  • Update io.micrometer:micrometer-observation to 1.12.0-RC1 #14027
  • Update io.projectreactor:reactor-bom to 2023.0.0-RC1 #14028
  • Update org.springframework.data:spring-data-bom to 2023.1.0-RC1 #14025
  • Update org.springframework.ldap:spring-ldap-core to 3.2.0-RC1 #14026
  • Update org.springframework:spring-framework-bom to 6.1.0-RC1 #14023
  • Update to io.freefair.aspectj 8.4 #14017
  • Update to org.apereo.cas.client:cas-client-core 4.0.3 #13948

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.