github spring-projects/spring-security 7.1.0
on GitHub

5 hours ago

🪲 Bug Fixes

  • Opaque token introspectors should not allow empty credentials #19201

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.11 to 1.14.12 in /docs #19235
  • Bump actions/checkout from 6.0.2 to 6.0.3 #19271
  • Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19181
  • Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.33 #19228
  • Bump ch.qos.logback:logback-classic from 1.5.33 to 1.5.34 #19268
  • Bump com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3 #19133
  • Bump com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0 #19246
  • Bump com.google.code.gson:gson from 2.13.2 to 2.14.0 #19125
  • Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.1 #19157
  • Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.2 #19195
  • Bump com.webauthn4j:webauthn4j-core from 0.31.3.RELEASE to 0.31.5.RELEASE #19148
  • Bump com.webauthn4j:webauthn4j-core from 0.31.5.RELEASE to 0.31.6.RELEASE #19263
  • Bump gradle-wrapper from 9.4.1 to 9.5.0 #19135
  • Bump gradle-wrapper from 9.5.0 to 9.5.1 #19171
  • Bump io-micrometer from 1.16.5 to 1.17.0 #19287
  • Bump io.mockk:mockk from 1.14.9 to 1.14.11 #19244
  • Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #19296
  • Bump org-jetbrains-kotlin from 2.3.20 to 2.3.21 #19126
  • Bump org-jetbrains-kotlin from 2.3.21 to 2.4.0 #19264
  • Bump org-opensaml5 from 5.2.1 to 5.2.2 #19176
  • Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19190
  • Bump org.apereo.cas.client:cas-client-core from 4.1.0 to 4.1.1 #19200
  • Bump org.hibernate.orm:hibernate-core from 7.3.1.Final to 7.3.2.Final #19119
  • Bump org.hibernate.orm:hibernate-core from 7.3.2.Final to 7.3.3.Final #19149
  • Bump org.hibernate.orm:hibernate-core from 7.3.3.Final to 7.3.4.Final #19165
  • Bump org.hibernate.orm:hibernate-core from 7.3.4.Final to 7.3.5.Final #19191
  • Bump org.hibernate.orm:hibernate-core from 7.3.5.Final to 7.3.6.Final #19211
  • Bump org.hibernate.orm:hibernate-core from 7.3.6.Final to 7.4.0.Final #19226
  • Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.2 to 1.11.0 #19166
  • Bump org.junit:junit-bom from 6.0.3 to 6.1.0 #19197
  • Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19169
  • Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #19290
  • Bump org.springframework.ldap:spring-ldap-core from 4.0.3 to 4.1.0 #19291
  • Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #19285
  • Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19179
  • Bump tools.jackson:jackson-bom from 3.1.2 to 3.1.3 #19147
  • Bump tools.jackson:jackson-bom from 3.1.3 to 3.1.4 #19245
  • Bump tools.jackson:jackson-bom from 3.1.4 to 3.2.0 #19286
  • Update to spring-data-bom 2026.0.0 #19303

🔩 Build Updates

Check out latest releases or
releases around spring-projects/spring-security 7.1.0

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.

Get notifications