Skip to content

fix(deps): update dependency org.springframework.security:spring-security-bom to v6

Jednotné přihlášení test requested to merge renovate/major-spring-security into main

This MR contains the following updates:

Package Type Update Change
org.springframework.security:spring-security-bom (source) import major 5.8.0 -> 6.0.0

Release Notes

spring-projects/spring-security

v6.0.0

Compare Source

Breaking Changes

  • CsrfAuthenticationStrategy is not consistent with CsrfFilter #​12235
  • Register FilterChainProxy for all dispatcher types #​12180

New Features

  • Add test runtime hints for annotations using @WithSecurityContext #​12215
  • Add WebTestUtils test runtime hints #​12216
  • Align with Servlet API 6 #​12146
  • Document Configure Default SessionAuthenticationStrategy #​12192
  • Document DelegatingSecurityContextRepository #​12185
  • Improve deprecation notice in WebSecurityConfigurerAdapter #​12262
  • Log a warning when AuthorizationGrantType does not exactly match a pre-defined constant #​12234
  • Migration guide for the removal of CAS #​12163
  • Polish Span and Meter Names #​12225
  • Register FilterChainProxy for All Dispatcher Types Migration Steps #​12212
  • Restructure 6.0 Migration Guide #​12242
  • Support Jakarta WebSocket 2.1 #​12148

🐞 Bug Fixes

  • CsrfAuthenticationStrategy does not check for existing token #​12241
  • Ensure instrumentation names align with semantic conventions #​12156
  • Incorrect scope map fix #​12207
  • SAML logout: Incorrect log messages #​12210
  • Saml2MetadataFilter response should configure writer to UTF-8 #​12223

🔨 Dependency Upgrades

  • Update micrometer-observation to 1.10.1 #​12250
  • Update org.springframework to 6.0.0 #​12255
  • Update org.springframework.data to 2022.0.0 #​12256
  • Update r2dbc-h2 to 1.0.0.RELEASE #​12251
  • Update slf4j-api to 2.0.4 #​12254
  • Update spring-ldap-core to 3.0.0 #​12257

Contributors

We'd like to thank all the contributors who worked on this release!

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by Jednotné přihlášení test

Merge request reports