🪲 Bug Fixes
- Annotation expression template processing should not fail on Class parameter types #15711
- Disabling credentials erasure on custom AuthenticationManager is not working #15808
- Documentation inconsistency in AuthorizationManager's verify method return type #15822
- Methods annotated with
@PostFilterare processed twice by PostFilterAuthorizationMethodInterceptor #15676 - OidcBackChannelLogoutTokenValidator should not construct when missing OIDC Provider Issuer #15868
- SecurityJackson2Modules.getModules(): Cannot load module org.springframework.security.cas.jackson2.CasJackson2Module #15767
- The additionalParameters array parameter of OAuth2AuthorizationRequest causes the authorizationRequestUri to be incorrect #15829
🔨 Dependency Upgrades
- Bump ch.qos.logback:logback-classic from 1.5.10 to 1.5.11 #15926
- Bump io.micrometer:micrometer-observation from 1.12.10 to 1.12.11 #15917
- Bump io.mockk:mockk from 1.13.12 to 1.13.13 #15897
- Bump io.projectreactor:reactor-bom from 2023.0.10 to 2023.0.11 #15925
- Bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.1 to 3.0.2 #15694
- Bump org-eclipse-jetty from 11.0.23 to 11.0.24 #15731
- Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.33.21 to 4.33.22 #15761
- Bump org.junit:junit-bom from 5.10.4 to 5.10.5 #15883
- Bump org.springframework.data:spring-data-bom from 2024.0.4 to 2024.0.5 #15958
- Bump org.springframework.ldap:spring-ldap-core from 3.2.6 to 3.2.7 #15944
- Bump org.springframework:spring-framework-bom from 6.1.13 to 6.1.14 #15945
🔩 Build Updates
- Bump
@antora/collector-extension from 1.0.0-beta.2 to 1.0.0-beta.3 in /docs #15907 - Bump
@springio/asciidoctor-extensions from 1.0.0-alpha.13 to 1.0.0-alpha.14 in /docs #15836 - Migrate slack notifications to GChat #15668
- Release 6.3.4 #15964
- Update eclipse/vscode configuration to use -parameters #15681
❤️ Contributors
Thank you to all the contributors who worked on this release:
@dependabot[bot] and @kse-music