Skip to content

Pull requests: spring-projects/spring-security

New pull request New
48 Open 4,442 Closed
48 Open 4,442 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Warning when EnableTransactionManagement has lower precedence than EnableMethodSecurity status: waiting-for-triage An issue we've not yet triaged
#17665 opened Aug 5, 2025 by yybmion Loading…
1
Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE type: dependency-upgrade A dependency upgrade
#17661 opened Aug 4, 2025 by dependabot bot Loading…
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.24.Final type: dependency-upgrade A dependency upgrade
#17660 opened Aug 4, 2025 by dependabot bot Loading…
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.24.Final type: dependency-upgrade A dependency upgrade
#17659 opened Aug 4, 2025 by dependabot bot Loading…
Bump org.hibernate.orm:hibernate-core from 7.0.8.Final to 7.0.9.Final type: dependency-upgrade A dependency upgrade
#17658 opened Aug 4, 2025 by dependabot bot Loading…
Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE type: dependency-upgrade A dependency upgrade
#17657 opened Aug 4, 2025 by dependabot bot Loading…
Validate account status in OneTimeTokenAuthenticationProvider status: waiting-for-triage An issue we've not yet triaged
#17656 opened Aug 2, 2025 by therepanic Loading…
1
1
Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 type: dependency-upgrade A dependency upgrade
#17642 opened Jul 31, 2025 by dependabot bot Loading…
Add Referrer-Policy header to default security headers status: waiting-for-triage An issue we've not yet triaged
#17606 opened Jul 23, 2025 by therepanic Loading…
1
Remove PortResolver status: waiting-for-triage An issue we've not yet triaged
#17524 opened Jul 14, 2025 by kse-music Loading…
1
Add createdTime field to SessionInformation in: core An issue in spring-security-core type: enhancement A general enhancement
#17513 opened Jul 13, 2025 by therepanic Loading…
1
@jgrandja
3
PKCE configuration - enabled by default in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: breaks-passivity A change that breaks passivity with the previous release
#17507 opened Jul 10, 2025 by rohan-naik07 Loading…
@jgrandja
3
Add lambda DSL method for featurePolicy status: waiting-for-triage An issue we've not yet triaged
#17492 opened Jul 7, 2025 by therepanic Loading…
1
2
Implement equals and hashCode in OidcIdToken status: waiting-for-triage An issue we've not yet triaged
#17485 opened Jul 4, 2025 by therepanic Loading…
1
2
Remove ACL access implementations in favor of AclPermissionEvaluator in: acl An issue in spring-security-acl status: blocked An issue that's blocked on an external project change type: breaks-passivity A change that breaks passivity with the previous release
#17475 opened Jul 3, 2025 by therepanic Loading…
1
@jzheaux
1
Change FilterBasedLdapUserSearch to use LdapClient status: waiting-for-triage An issue we've not yet triaged
#17384 opened Jun 29, 2025 by therepanic Loading…
1
Allow specifying a ServerAuthenticationConverter for x509() status: waiting-for-triage An issue we've not yet triaged
#17382 opened Jun 27, 2025 by blake-bauman Loading…
Allow multiple ServerLogoutHandler instances in ServerHttpSecurity in: config An issue in spring-security-config type: enhancement A general enhancement
#17381 opened Jun 27, 2025 by blake-bauman Loading… 7.0.x
@jzheaux
10
Remove AllowFromStrategy in favor of ContentSecurityPolicy status: waiting-for-triage An issue we've not yet triaged
#17358 opened Jun 25, 2025 by therepanic Loading…
1
Convert to use LdapClient instead of SpringSecurityLdapTemplate in Pa… status: waiting-for-triage An issue we've not yet triaged
#17324 opened Jun 21, 2025 by minkukjo Loading…
1
1
Adjust log message to include guidance for XML users status: waiting-for-triage An issue we've not yet triaged
#17317 opened Jun 20, 2025 by x7Git Loading…
Improve authoritiesClaimName validation in JwtGrantedAuthoritiesConverter in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17247 opened Jun 14, 2025 by chanbinme Loading…
@jzheaux
10
Ensure ID Token is updated after refresh token (Reactive) in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17246 opened Jun 14, 2025 by evgeniycheban Draft 7.0.x
1
@jgrandja
Fix PublicKeyCredentialType.PUBLIC_KEY comparison with Spring Session in: web An issue in web modules (web, webmvc) status: feedback-provided Feedback has been provided type: bug A general bug
#17223 opened Jun 10, 2025 by ltanguy Loading…
1
@rwinch
2
Add Support DPoP Customization in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
#17202 opened Jun 3, 2025 by franticticktick Draft 7.0.x
1
@jgrandja
1
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.