spring-projects/spring-security 6.2.7 on GitHub

🪲 Bug Fixes

Disabling credentials erasure on custom AuthenticationManager is not working #15807
Documentation inconsistency in AuthorizationManager's verify method return type #15704
Fix code format in OIDC Logout docs #15566
Fix OIDC Logout docs: Session Strategy vs. Registry #15686
Methods annotated with @PostFilter are processed twice by PostFilterAuthorizationMethodInterceptor #15675
Methods annotated with @PostFilter are processed twice by PostFilterAuthorizationMethodInterceptor #15651
SecurityJackson2Modules.getModules(): Cannot load module org.springframework.security.cas.jackson2.CasJackson2Module #15766
The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15828

Bump Gradle Wrapper from 8.10.1 to 8.10.2 #15841
Bump io.micrometer:micrometer-observation from 1.12.10 to 1.12.11 #15919
Bump io.mockk:mockk from 1.13.12 to 1.13.13 #15896
Bump io.projectreactor:reactor-bom from 2023.0.10 to 2023.0.11 #15927
Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.1 to 3.0.2 #15693
Bump org-eclipse-jetty from 11.0.23 to 11.0.24 #15733
Bump org.junit:junit-bom from 5.10.4 to 5.10.5 #15880
Bump org.springframework.data:spring-data-bom from 2023.1.10 to 2023.1.11 #15962
Bump org.springframework.ldap:spring-ldap-core from 3.2.6 to 3.2.7 #15946
Bump org.springframework:spring-framework-bom from 6.1.13 to 6.1.14 #15947

Bump @antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #15910
Bump @springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #15838
Bump Gradle Wrapper from 8.7 to 8.10 #15609
CORS documentation should use UrlBasedCorsConfigurationSource #15769
Migrate slack notifications to GChat #15667
Release 6.2.7 #15965
Update CORS document #15784
Update eclipse/vscode configuration to use -parameters #15680

Thank you to all the contributors who worked on this release: