⭐ New Features
- Add nullability contract to
PasswordEncoder#encode#18334 - Create Jackson Mixin for OneTimeTokenAuthenticationToken #18096
- Fix javadoc warnings for spring-security-oauth2-client #18483
- Fix spring-security-oauth2-core compiler warnings #18482
- Replacing use of deprecated 'check' in authorization documentation #18471
- Update to JDK 25 (release = 17) #18512
- Use DefaultParameterNameDiscoverer#getSharedInstance #18484
🪲 Bug Fixes
- Add Missing
@NullMarked#18514 - Broken OAuth2AuthorizationRequestRedirectFilter constructor tests #18507
- Fix duplicated use-authorization-manager in docs #18478
- Fix Nullability on Collections/Arrays #18511
🔨 Dependency Upgrades
- Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25 #18521
- Bump io.projectreactor:reactor-bom from 2025.0.1 to 2025.0.2 #18494
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.6 to 0.0.9 #18371
- Bump org.springframework.data:spring-data-bom from 2025.1.1 to 2025.1.2 #18520
- Bump org.springframework:spring-framework-bom from 7.0.3-SNAPSHOT to 7.0.3 #18515
- Update jococo 0.8.14 #18508
- Update to Gradle 9.2.1 #18510
- Update to Kotlin 2.3.0 #18509
❤️ Contributors
Thank you to all the contributors who worked on this release:
@dasog94, @marcusdacoregio, @paulvas, @qkrrlgus114, and @scordio