Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump spring-security-bom from 5.3.4.RELEASE to 5.4.0 #439

Merged
merged 1 commit into from
Sep 14, 2020
Merged

Bump spring-security-bom from 5.3.4.RELEASE to 5.4.0 #439

merged 1 commit into from
Sep 14, 2020

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 10, 2020

Bumps spring-security-bom from 5.3.4.RELEASE to 5.4.0.

Release notes

Sourced from spring-security-bom's releases.

5.4.0

⭐ New Features

  • Add What's New in 5.4 #9002
  • Add What's New in 5.4 Section to Docs #9001
  • Add Resource Server Servlet Logging #9000
  • Simplify saml2Login Samples #8990
  • Remove Framework Tests from saml2Login Sample #8989
  • Add authenticationManagerResolver to resource server Kotlin DSL #8981
  • Generalize SAML 2.0 Assertion Validation Support #8970
  • Update abstract-authentication-processing-filter.adoc #8965
  • Add spring-javaformat checkstyle and formatting #8946
  • Add hasAnyRole and hasAnyAuthority to authorizeRequests in Kotlin DSL #8926
  • Add hasAnyAuthority(String...) and hasAnyRole(String...) to authorizeRequests in Kotlin DSL #8892
  • Resolve oauth2 client-id, client-secret placeholders #8880
  • Restructure SAML 2.0 documentation #8763
  • security:client-registrations doesn't take propertyconfigurer properties #8453

🪲 Bug Fixes

  • Clickjacking demo in docs: YouTube link in X-Frame-Options section leads to private video #8986
  • NoClassDefFoundError: AuthMetadataFlyweight at o.s.s.r.m.SimpleAuthenticationEncoder #8948
  • SAML attributes not parsed correctly with prefixed XML elements #8864
  • Don't use oidc scopes_supported for scope as default in ClientRegistrations #8790
  • scopes_supported metadata should not be used as default in ClientRegistrations #8514

🔨 Dependency Upgrades

  • Set springDataVersion to Neumann-SR+ #9007
  • Set rsocketVersion to 1.0.+ #9006

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

5.4.0-RC1

⭐ New Features

  • Deprecate CustomUserTypesOAuth2UserService #8908
  • Deprecate ClientRegistration.redirectUriTemplate #8906
  • Allow for custom ClientRegistration.clientAuthenticationMethod #8903
  • Deprecate ImplicitGrantConfigurer #8902
  • Remove use of Mono.deferWithContext() #8901
Commits
  • 651c94b Disable parallel deployment build in Jenkins
  • 7681fa6 Release 5.4.0
  • 3d0e459 Lock Dependency Versions for 5.4.0
  • 6222c5f Add What's New in 5.4
  • edecb47 Set springDataVersion to Neumann-SR+
  • 8615c4a Set rsocketVersion to 1.0.+
  • 94bc197 Polish "Add Spring Checkstyle with all checks disabled"
  • 4e2a050 Customizer for WebSecurity
  • bf067d6 Add Logging to Resource Server
  • 593a556 Remove broken link from docs
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Sep 10, 2020
@sonarcloud
Copy link

sonarcloud bot commented Sep 10, 2020

Kudos, SonarCloud Quality Gate passed!

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities (and Security Hotspot 0 Security Hotspots to review)
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

warning The version of Java (1.8.0_265) you have used to run this analysis is deprecated and we will stop accepting it from October 2020. Please update to at least Java 11.
Read more here

@ynojima ynojima merged commit 36142d7 into master Sep 14, 2020
@ynojima ynojima deleted the dependabot/gradle/org.springframework.security-spring-security-bom-5.4.0 branch September 14, 2020 10:46
@ynojima ynojima added this to the 0.7.1.RELEASE milestone Apr 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Milestone
0.7.1.RELEASE
Development

Successfully merging this pull request may close these issues.
1 participant
@ynojima