• JDK 17
• Jakarta EE 9/10/11+ (no javax.* namespace)
• Spring 6/7+ and SpringBoot 3/4+
• Guice 7/8+

Breaking Changes:

• Made default implementation of PrincipalCollection immutable (ImmutablePrincipalCollection)

Security improvements:

• Case-insensitive path matching is now enabled by default (hardened by default)
• Added NoAccessFilter and add it to the default filter chain (breaking change, hardened-by-default)
• [#2799] enh: warn if realm authentication fails by @lprimak in https://github.com/apache/shiro/pull/2798
• Web RememberMe and Guice Enhancements by @lprimak in https://github.com/apache/shiro/pull/2800
• Enable CORS preflight requests by default

Other Changes:

• Modernized Java code to JDK 17 baseline
• Added fluent API in MergableAuthenticationInfo class
• Improved thread-safety of Shiro-native sessions (SimpleSession, SimpleSessionFactory, CachingSessionDAO)
• Multi-Release JAR in order to support different JDK version levels, and JDK 25 Scoped values
• Using Java Scoped for Subject and SecurityManager instead of ThreadLocals on JDK 25+
• Separated out ShiroFilterFactoryBeanPostProcessor to fix post processing warnings in Spring
• Using AssertJ for testing

Removals of deprecated artifacts

• Removed Shiro BOM - no longer necessary
• Removed EhCache module in favor of JCache
• Removed Hazelcast module in favor of JCache
• Removed deprecated SimplePrincipalCollection class
• Removed deprecated RandomSessionIdGenerator class
• Removed deprecated HttpSessionContext class
• Removed deprecated JavaEnvironment class
• Removed deprecated XmlSerializer.java class
• Removed JakartaTransformer class and it's jakartify() method
• Removed Spring/Boot ShiroUrlPathHelper class
• Removed Spring/Boot's remoting support
• Removed Spring/Boot deprecated ShiroRequestMappingConfig class
• Removed samples and tests associated with deprecated modules

• JDK 21 (JDK 25 required to release)
• Jakarta EE 11 (build-time default)
• Spring 7/SpringBoot 4 (build-time default)
• Guice 8 (build-time default)

• [#1584] Merge 3.x branch into main by @lprimak in https://github.com/apache/shiro/pull/2772

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.2.1...shiro-root-3.0.0

• Switch pre-commit to ASF approved prek-action by @jbampton in https://github.com/apache/shiro/pull/2705
• chore(deps): bump https://github.com/zizmorcore/zizmor-pre-commit from v1.24.1 to 1.25.2 in the pre-commit-hooks group by @dependabot[bot] in https://github.com/apache/shiro/pull/2709
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.14.0 to 2.15.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2706
• [#2704] [#2710] Fixed Session fixation-related regressions by @lprimak in https://github.com/apache/shiro/pull/2711
• chore(deps): bump org.apache:apache from 37 to 38 by @dependabot[bot] in https://github.com/apache/shiro/pull/2700
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.6 to 0.25.7 by @dependabot[bot] in https://github.com/apache/shiro/pull/2699
• chore(deps): bump slf4j.version from 2.0.17 to 2.0.18 by @dependabot[bot] in https://github.com/apache/shiro/pull/2694
• Add AGENTS.md + SECURITY.md linking the project's security model by @potiuk in https://github.com/apache/shiro/pull/2702
• chore(deps): bump log4j.version from 2.25.4 to 2.26.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2697
• chore(deps): bump the github-actions-dependencies group with 3 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2696
• chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.22 to 1.3.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2698
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.10 to 3.6.11 by @dependabot[bot] in https://github.com/apache/shiro/pull/2729
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.10 to 3.6.11 by @dependabot[bot] in https://github.com/apache/shiro/pull/2728
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.7 to 0.26.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2727
• chore(deps): bump org.omnifaces:omnifaces from 3.14.20 to 3.14.21 by @dependabot[bot] in https://github.com/apache/shiro/pull/2725
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.15.0 to 2.15.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2724
• chore(deps): bump the github-actions-dependencies group with 3 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2723
• chore(deps-dev): bump arquillian.core.version from 1.10.1.Final to 1.10.2.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2722
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.10 to 3.6.11 by @dependabot[bot] in https://github.com/apache/shiro/pull/2721
• [CI] Add pre-commit hook to validate the CITATION file; Add missing required field message by @jbampton in https://github.com/apache/shiro/pull/2717
• [CI] Add hook to validate dependabot.yml with pre-commit by @jbampton in https://github.com/apache/shiro/pull/2716
• chore: add branch protection rules by @lprimak in https://github.com/apache/shiro/pull/2701
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 by @dependabot[bot] in https://github.com/apache/shiro/pull/2748
• chore(deps): bump ch.qos.logback:logback-core from 1.5.32 to 1.5.34 by @dependabot[bot] in https://github.com/apache/shiro/pull/2749
• chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.14 to 0.8.15 by @dependabot[bot] in https://github.com/apache/shiro/pull/2765
• chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2756
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.1 to 5.0.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2753
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.6 to 3.3.7 by @dependabot[bot] in https://github.com/apache/shiro/pull/2750
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.26.0 to 0.26.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2751
• [CI] Pin to sha all pre-commit hooks and clean up by @jbampton in https://github.com/apache/shiro/pull/2730
• Configure EditorConfig for more file types by @jbampton in https://github.com/apache/shiro/pull/2747
• Update and expand the CITATION file by @jbampton in https://github.com/apache/shiro/pull/2766
• chore(deps): bump bytebuddy.version from 1.18.8 to 1.18.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2752
• [#2760] chore: update shiro.doap file with more recent versions and maintainers by @lprimak in https://github.com/apache/shiro/pull/2768
• chore(jacoco): added exclusion for weld client proxy by @lprimak in https://github.com/apache/shiro/pull/2769
• [#2758] Deprecate RandomSessionIdGenerator due to insufficient entropy by @lprimak in https://github.com/apache/shiro/pull/2770

• @potiuk made their first contribution in https://github.com/apache/shiro/pull/2702

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.2.0...shiro-root-2.2.1

• chore(deps): bump ch.qos.logback:logback-core from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2515
• chore(deps-dev): bump io.openliberty.tools:liberty-maven-plugin from 3.11.5 to 3.12.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2513
• chore(deps-dev): bump org.jboss.arquillian.graphene:graphene-webdriver from 3.0.0-alpha.4 to 3.0.0.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2512
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2511
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2510
• Enable markdownlint rule MD040 by @jbampton in https://github.com/apache/shiro/pull/2507
• CONTRIBUTING: whitespace cleanup for codeblocks by @jbampton in https://github.com/apache/shiro/pull/2506
• Actions labeler: add label for groovy files by @jbampton in https://github.com/apache/shiro/pull/2491
• Add 3 more pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2490
• pre-commit: add markdown-link-check by @jbampton in https://github.com/apache/shiro/pull/2519
• Fix typos in java integration-tests for jakarta-ee by @jbampton in https://github.com/apache/shiro/pull/2520
• chore: regenerate ignored words list codespell.txt by @jbampton in https://github.com/apache/shiro/pull/2521
• Enable markdown-lint rule MD034 by @jbampton in https://github.com/apache/shiro/pull/2522
• markdown-lint: set line length to 180 by @jbampton in https://github.com/apache/shiro/pull/2523
• chore: fix typos in Java tests by @jbampton in https://github.com/apache/shiro/pull/2524
• chore: standardize markdown heading underlines by @jbampton in https://github.com/apache/shiro/pull/2525
• chore: fix spelling / word casing in java docs by @jbampton in https://github.com/apache/shiro/pull/2526
• yamllint enable rule checking for comments by @jbampton in https://github.com/apache/shiro/pull/2527
• [#2489] Add CITATION.cff for Apache Shiro by @iampratap7997-dot in https://github.com/apache/shiro/pull/2518
• gha: actions/checkout set persist-credentials: false by @jbampton in https://github.com/apache/shiro/pull/2532
• chore: remove unneeded duplicate words in java docs by @jbampton in https://github.com/apache/shiro/pull/2531
• gha: pr labeler label more file types by @jbampton in https://github.com/apache/shiro/pull/2530
• Add official pre-commit hook pretty-format-json by @jbampton in https://github.com/apache/shiro/pull/2529
• yamllint add rule checking for braces and brackets by @jbampton in https://github.com/apache/shiro/pull/2528
• chore: standardize XML declarations by @jbampton in https://github.com/apache/shiro/pull/2558
• chore(deps-dev): bump org.apache.maven.plugins:maven-pmd-plugin from 3.26.0 to 3.28.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2555
• misc(java): remove unneeded duplicate words by @jbampton in https://github.com/apache/shiro/pull/2556
• chore(deps): bump org.apache.maven.plugins:maven-war-plugin from 3.4.0 to 3.5.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2553
• chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.21 to 1.2.22 by @dependabot[bot] in https://github.com/apache/shiro/pull/2552
• chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2536
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.12.0 to 2.13.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2551
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2550
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2548
• chore(deps): bump org.apache.rat:apache-rat-plugin from 0.16.1 to 0.17 by @dependabot[bot] in https://github.com/apache/shiro/pull/2545
• chore(deps-dev): bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2533
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2542
• chore(deps): bump ch.qos.logback:logback-core from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2541
• chore(deps): bump commons-cli:commons-cli from 1.9.0 to 1.11.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2537
• chore(deps): bump org.apache.karaf.features:framework from 4.4.7 to 4.4.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2540
• yamllint enable rule checking for line length by @jbampton in https://github.com/apache/shiro/pull/2557
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2543
• Add EditorConfig checker with pre-commit by @jbampton in https://github.com/apache/shiro/pull/2559
• chore(deps): bump ch.qos.logback:logback-core from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2573
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2572
• chore(deps): bump github/codeql-action from 4.32.2 to 4.32.3 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2564
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.0 to 4.3.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2566
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2571
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2570
• chore(deps): bump bytebuddy.version from 1.18.4 to 1.18.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2568
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.4 to 3.3.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2567
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2565
• chore(deps): bump org.apache.karaf.features:framework from 4.4.9 to 4.4.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2569
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.4.0 to 3.5.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2561
• [#2488] chore: add .gitattributes file for line ending normalization and file… by @lprimak in https://github.com/apache/shiro/pull/2574
• Configure EditorConfig for groovy,cff,yaml,yml by @jbampton in https://github.com/apache/shiro/pull/2576
• chore(deps): bump the github-dependencies group with 3 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2577
• Add pre-commit hook to stop zip files being committed by @jbampton in https://github.com/apache/shiro/pull/2580
• Decouple codespell from pre-commit config with rc file by @jbampton in https://github.com/apache/shiro/pull/2581
• docs(java): fix typo by @jbampton in https://github.com/apache/shiro/pull/2582
• security: pre-commit add zizmor static analysis for actions by @jbampton in https://github.com/apache/shiro/pull/2583
• gha(labeler): indent YAML with 2 spaces by @jbampton in https://github.com/apache/shiro/pull/2584
• Add manual stage pre-commit hook chmod for markdown permissions by @jbampton in https://github.com/apache/shiro/pull/2586
• chore(deps): bump org.yaml:snakeyaml from 2.5 to 2.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2607
• chore(deps): bump bytebuddy.version from 1.18.5 to 1.18.7 by @dependabot[bot] in https://github.com/apache/shiro/pull/2604
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2603
• yamllint enable document-start rule checking by @jbampton in https://github.com/apache/shiro/pull/2585
• [#2578] Filter extra cookies on resubmit by @lprimak in https://github.com/apache/shiro/pull/2588
• chore(deps): bump actions/dependency-review-action from 4.8.3 to 4.9.0 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2608
• chore(deps): bump mockito.version from 5.21.0 to 5.22.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2602
• chore(deps-dev): bump commons-logging:commons-logging from 1.3.5 to 1.3.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2614
• Add pre-commit ecosystem to Dependabot; fix markdown-link-check by @jbampton in https://github.com/apache/shiro/pull/2620
• chore(deps): bump github/codeql-action from 4.32.5 to 4.32.6 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2611
• chore(deps): bump org.projectlombok:lombok from 1.18.42 to 1.18.44 by @dependabot[bot] in https://github.com/apache/shiro/pull/2623
• chore(deps): bump the github-dependencies group with 4 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2621
• chore(deps-dev): bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2613
• chore(deps): bump org.apache.tomcat:tomcat-catalina from 9.0.112 to 9.0.113 in /integration-tests/meecrowave-support by @dependabot[bot] in https://github.com/apache/shiro/pull/2616
• chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.112 to 9.0.113 in /samples/spring-boot-web by @dependabot[bot] in https://github.com/apache/shiro/pull/2617
• chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 9.0.112 to 9.0.113 in /samples/web-jakarta by @dependabot[bot] in https://github.com/apache/shiro/pull/2619
• chore(deps): bump org.apache.tomcat.embed:tomcat-embed-core from 10.1.49 to 10.1.50 in /samples/spring-boot-3-web by @dependabot[bot] in https://github.com/apache/shiro/pull/2618
• chore(deps): bump org.apache.tomcat:tomcat-catalina from 9.0.112 to 9.0.113 in /samples/web-jakarta by @dependabot[bot] in https://github.com/apache/shiro/pull/2615
• chore(deps): bump org.omnifaces:omnifaces from 3.14.12 to 3.14.13 by @dependabot[bot] in https://github.com/apache/shiro/pull/2612
• Add descriptive labels to dependabot groups by @jbampton in https://github.com/apache/shiro/pull/2626
• chore(deps): bump https://github.com/gitleaks/gitleaks from v8.30.0 to 8.30.1 in the pre-commit-hooks group by @dependabot[bot] in https://github.com/apache/shiro/pull/2628
• chore(deps): bump mockito.version from 5.22.0 to 5.23.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2627
• [#2633] bugfix(jakarta-ee): form resubmit: login submit response processing f… by @lprimak in https://github.com/apache/shiro/pull/2632
• [#2630] enh: update description is GitHub by @lprimak in https://github.com/apache/shiro/pull/2634
• chore(deps): bump github/codeql-action from 4.32.6 to 4.33.0 in the github-actions-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2638
• chore(deps-dev): bump arquillian.core.version from 1.10.0.Final to 1.10.1.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2637
• [CI] Create reusable pre-commit workflows by @jbampton in https://github.com/apache/shiro/pull/2635
• chore(deps): bump org.apache.rat:apache-rat-plugin from 0.17 to 0.18 by @dependabot[bot] in https://github.com/apache/shiro/pull/2641
• chore(deps): bump the github-actions-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2640
• chore(deps): bump log4j.version from 2.25.3 to 2.25.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2643
• chore(deps): bump github/codeql-action from 4.34.1 to 4.35.1 in the github-actions-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2644
• chore(deps): bump org.omnifaces:omnifaces from 3.14.13 to 3.14.15 by @dependabot[bot] in https://github.com/apache/shiro/pull/2645
• chore(deps): bump https://github.com/rhysd/actionlint from v1.7.11 to 1.7.12 in the pre-commit-hooks group by @dependabot[bot] in https://github.com/apache/shiro/pull/2649
• chore(deps): bump bytebuddy.version from 1.18.7 to 1.18.8 by @dependabot[bot] in https://github.com/apache/shiro/pull/2656
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.13.0 to 2.14.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2658
• chore(deps): bump org.owasp:dependency-check-maven from 12.2.0 to 12.2.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2660
• chore(deps): bump https://github.com/zizmorcore/zizmor-pre-commit from v1.23.1 to 1.24.1 in the pre-commit-hooks group by @dependabot[bot] in https://github.com/apache/shiro/pull/2661
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.4 to 0.25.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2666
• chore(deps): bump the github-actions-dependencies group across 1 directory with 3 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2667
• chore(deps-dev): bump org.javassist:javassist from 3.30.2-GA to 3.31.0-GA by @dependabot[bot] in https://github.com/apache/shiro/pull/2668
• chore(deps): bump org.jsoup:jsoup from 1.22.1 to 1.22.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2669
• chore(deps-dev): bump org.jboss.arquillian.graphene:graphene-webdriver from 3.0.0.Final to 3.0.1.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2671
• chore(deps): bump org.omnifaces:omnifaces from 3.14.15 to 3.14.20 by @dependabot[bot] in https://github.com/apache/shiro/pull/2673
• chore(deps): bump org.projectlombok:lombok from 1.18.44 to 1.18.46 by @dependabot[bot] in https://github.com/apache/shiro/pull/2675
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.5 to 3.3.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2672
• chore(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.82 to 1.84 by @dependabot[bot] in https://github.com/apache/shiro/pull/2662
• chore(deps): bump https://github.com/oxipng/oxipng from v10.1.0 to 10.1.1 in the pre-commit-hooks group by @dependabot[bot] in https://github.com/apache/shiro/pull/2676
• [CI] Add ASF Allowlist Check workflow by @jbampton in https://github.com/apache/shiro/pull/2687
• chore(deps): bump org.owasp:dependency-check-maven from 12.2.1 to 12.2.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2692
• chore(deps): bump org.apache.karaf.features:framework from 4.4.10 to 4.4.11 by @dependabot[bot] in https://github.com/apache/shiro/pull/2691
• chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 in the github-actions-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2689

• @iampratap7997-dot made their first contribution in https://github.com/apache/shiro/pull/2518

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.1.0...shiro-root-2.2.0

• [#1548] - redefines PrincipalCollection interface to be intended as immutable by @janitza-mage in https://github.com/apache/shiro/pull/1582
• Fix deprecation warnings by @lprimak in https://github.com/apache/shiro/pull/1630
• Refactor: AssertJ best practices by @timtebeek by @lprimak in https://github.com/apache/shiro/pull/1454
• Set pom version to 3.0.0-SNAPSHOT by @fpapon in https://github.com/apache/shiro/pull/1646
• [#1499] - Deleted Quartz module. by @Himakar in https://github.com/apache/shiro/pull/1581
• Revert "[#1499] - Deleted Quartz module." by @lprimak in https://github.com/apache/shiro/pull/1820
• chore(deps): update to junit 6.0.1 and consolidate junit engine and a… by @lprimak in https://github.com/apache/shiro/pull/2358
• chore(3.x): Migrate to jakarta EE 10 using OpenRewrite by @rgcv in https://github.com/apache/shiro/pull/2224
• [#1585] Migrate to Jakarta EE 10 (3.x) by @rgcv in https://github.com/apache/shiro/pull/2018
• enh[3.x]: Adds default NoAccess configuration to the default filter chain by @lprimak in https://github.com/apache/shiro/pull/2461
• [#1585] Jakarta namespace and java 17 for 3x by @nsoft in https://github.com/apache/shiro/pull/2017
• chore(deps): bump ch.qos.logback:logback-core from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2515
• chore(deps-dev): bump io.openliberty.tools:liberty-maven-plugin from 3.11.5 to 3.12.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2513
• chore(deps-dev): bump org.jboss.arquillian.graphene:graphene-webdriver from 3.0.0-alpha.4 to 3.0.0.Final by @dependabot[bot] in https://github.com/apache/shiro/pull/2512
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 by @dependabot[bot] in https://github.com/apache/shiro/pull/2511
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2510
• Enable markdownlint rule MD040 by @jbampton in https://github.com/apache/shiro/pull/2507
• CONTRIBUTING: whitespace cleanup for codeblocks by @jbampton in https://github.com/apache/shiro/pull/2506
• Actions labeler: add label for groovy files by @jbampton in https://github.com/apache/shiro/pull/2491
• Add 3 more pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2490
• [3.x] Karaf needs update by @fpapon in https://github.com/apache/shiro/pull/2517
• pre-commit: add markdown-link-check by @jbampton in https://github.com/apache/shiro/pull/2519
• Fix typos in java integration-tests for jakarta-ee by @jbampton in https://github.com/apache/shiro/pull/2520
• chore: regenerate ignored words list codespell.txt by @jbampton in https://github.com/apache/shiro/pull/2521
• Enable markdown-lint rule MD034 by @jbampton in https://github.com/apache/shiro/pull/2522
• markdown-lint: set line length to 180 by @jbampton in https://github.com/apache/shiro/pull/2523
• chore: fix typos in Java tests by @jbampton in https://github.com/apache/shiro/pull/2524
• chore: standardize markdown heading underlines by @jbampton in https://github.com/apache/shiro/pull/2525
• chore: fix spelling / word casing in java docs by @jbampton in https://github.com/apache/shiro/pull/2526
• yamllint enable rule checking for comments by @jbampton in https://github.com/apache/shiro/pull/2527
• [#2489] Add CITATION.cff for Apache Shiro by @iampratap7997-dot in https://github.com/apache/shiro/pull/2518
• gha: actions/checkout set persist-credentials: false by @jbampton in https://github.com/apache/shiro/pull/2532
• chore: remove unneeded duplicate words in java docs by @jbampton in https://github.com/apache/shiro/pull/2531
• gha: pr labeler label more file types by @jbampton in https://github.com/apache/shiro/pull/2530
• Add official pre-commit hook pretty-format-json by @jbampton in https://github.com/apache/shiro/pull/2529
• yamllint add rule checking for braces and brackets by @jbampton in https://github.com/apache/shiro/pull/2528
• chore: standardize XML declarations by @jbampton in https://github.com/apache/shiro/pull/2558
• chore(deps-dev): bump org.apache.maven.plugins:maven-pmd-plugin from 3.26.0 to 3.28.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2555
• misc(java): remove unneeded duplicate words by @jbampton in https://github.com/apache/shiro/pull/2556
• chore(deps): bump org.apache.maven.plugins:maven-war-plugin from 3.4.0 to 3.5.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2553
• chore(deps): bump org.apache.johnzon:johnzon-jsonb from 1.2.21 to 1.2.22 by @dependabot[bot] in https://github.com/apache/shiro/pull/2552
• chore(deps): bump github/codeql-action from 4.32.1 to 4.32.2 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2536
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.12.0 to 2.13.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2551
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2550
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2548
• chore(deps): bump org.apache.rat:apache-rat-plugin from 0.16.1 to 0.17 by @dependabot[bot] in https://github.com/apache/shiro/pull/2545
• chore(deps-dev): bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2533
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2542
• chore(deps): bump ch.qos.logback:logback-core from 1.5.27 to 1.5.28 by @dependabot[bot] in https://github.com/apache/shiro/pull/2541
• chore(deps): bump commons-cli:commons-cli from 1.9.0 to 1.11.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2537
• chore(deps): bump org.apache.karaf.features:framework from 4.4.7 to 4.4.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2540
• yamllint enable rule checking for line length by @jbampton in https://github.com/apache/shiro/pull/2557
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.7 to 3.6.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2543
• Add EditorConfig checker with pre-commit by @jbampton in https://github.com/apache/shiro/pull/2559
• chore(deps): bump ch.qos.logback:logback-core from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2573
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.32 by @dependabot[bot] in https://github.com/apache/shiro/pull/2572
• chore(deps): bump github/codeql-action from 4.32.2 to 4.32.3 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2564
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.3.0 to 4.3.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2566
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2571
• chore(deps): bump org.apache.cxf:cxf-bom from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2570
• chore(deps): bump bytebuddy.version from 1.18.4 to 1.18.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2568
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.4 to 3.3.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2567
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.9 to 3.6.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2565
• chore(deps): bump org.apache.karaf.features:framework from 4.4.9 to 4.4.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2569
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.4.0 to 3.5.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2561
• [#2488] chore: add .gitattributes file for line ending normalization and file… by @lprimak in https://github.com/apache/shiro/pull/2574
• [#1862] [3.0] Support for JDK 25 scoped values by @lprimak in https://github.com/apache/shiro/pull/2485

• @janitza-mage made their first contribution in https://github.com/apache/shiro/pull/1582
• @Himakar made their first contribution in https://github.com/apache/shiro/pull/1581
• @rgcv made their first contribution in https://github.com/apache/shiro/pull/2224
• @nsoft made their first contribution in https://github.com/apache/shiro/pull/2017
• @iampratap7997-dot made their first contribution in https://github.com/apache/shiro/pull/2518

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.1.0...shiro-root-3.0.0-alpha-1

• chore(deps): bump org.htmlunit:htmlunit from 4.17.0 to 4.18.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2355
• chore: hide deprecation warning in AD test by @lprimak in https://github.com/apache/shiro/pull/2352
• chore(deps): bump github/codeql-action from 4.31.0 to 4.31.2 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2353
• chore(deps): bump bytebuddy.version from 1.17.8 to 1.18.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2369
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.8 to 12.1.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2367
• chore(deps): bump org.omnifaces:omnifaces from 3.14.11 to 3.14.12 by @dependabot[bot] in https://github.com/apache/shiro/pull/2364
• [#953] - Allow CORS preflight requests to bypass authentication by @celikfatih in https://github.com/apache/shiro/pull/2372
• chore: put back changes that were overwritten by maven release plugin by @lprimak in https://github.com/apache/shiro/pull/2375
• chore(deps): bump bytebuddy.version from 1.18.1 to 1.18.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2389
• chore(deps): bump org.quartz-scheduler:quartz from 2.5.1 to 2.5.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2387
• chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.2.1 to 3.2.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2380
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.19.1 to 2.20.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2379
• chore(deps): bump org.htmlunit:htmlunit from 4.18.0 to 4.19.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2377
• chore(deps): bump org.owasp.encoder:encoder from 1.3.1 to 1.4.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2374
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2373
• Configure EditorConfig for .rdf by @jbampton in https://github.com/apache/shiro/pull/2386
• Remove type attributes from HTML script tags by @jbampton in https://github.com/apache/shiro/pull/2382
• pre-commit: add 3 more hooks; fix end of files by @jbampton in https://github.com/apache/shiro/pull/2360
• Pin all actions workflows by @jbampton in https://github.com/apache/shiro/pull/2385
• Add pre-commit hook to trim trailing whitespace by @jbampton in https://github.com/apache/shiro/pull/2406
• gha: use pre-commit run --color=always by @jbampton in https://github.com/apache/shiro/pull/2407
• chore: pin python and it's depenendencies for pre-commit check on GitHub by @lprimak in https://github.com/apache/shiro/pull/2408
• chore: pin python pre-commit workflow dependency with hash by @lprimak in https://github.com/apache/shiro/pull/2410
• Add descriptions to all pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2409
• chore: fix vulnerabilities in tests reported by OpenSSF tool by @lprimak in https://github.com/apache/shiro/pull/2411
• chore(deps): bump org.htmlunit:htmlunit from 4.19.0 to 4.20.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2415
• chore(deps): bump the github-dependencies group with 5 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2414
• chore(deps): bump mockito.version from 5.20.0 to 5.21.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2420
• chore(deps): bump ch.qos.logback:logback-core from 1.5.21 to 1.5.22 by @dependabot[bot] in https://github.com/apache/shiro/pull/2419
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 by @dependabot[bot] in https://github.com/apache/shiro/pull/2417
• chore(deps): bump the github-dependencies group with 3 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2418
• chore(security): update log4-core by @lprimak in https://github.com/apache/shiro/pull/2430
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.6.2 to 3.6.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2429
• chore(deps): bump ch.qos.logback:logback-core from 1.5.22 to 1.5.23 by @dependabot[bot] in https://github.com/apache/shiro/pull/2427
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.2 to 0.25.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2428
• chore(deps): bump github/codeql-action from 4.31.8 to 4.31.9 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2424
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.23 by @dependabot[bot] in https://github.com/apache/shiro/pull/2426
• chore(deps): bump bytebuddy.version from 1.18.2 to 1.18.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2425
• chore(deps): bump org.htmlunit:htmlunit from 4.20.0 to 4.21.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2431
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.23 to 1.5.24 by @dependabot[bot] in https://github.com/apache/shiro/pull/2455
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.9 to 12.2.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2454
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.25.1 to 0.25.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2453
• chore(deps): bump ch.qos.logback:logback-core from 1.5.23 to 1.5.24 by @dependabot[bot] in https://github.com/apache/shiro/pull/2452
• chore(deps): bump javax.enterprise:cdi-api from 2.0 to 2.0.SP1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2451
• chore(deps): bump org.jsoup:jsoup from 1.21.2 to 1.22.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2442
• chore(deps): bump github/codeql-action from 4.31.9 to 4.31.10 in the github-dependencies group by @dependabot[bot] in https://github.com/apache/shiro/pull/2449
• [#2460] bugfix: avoid duplicate proxying of StoppingAwareProxiedSession by @lprimak in https://github.com/apache/shiro/pull/2459
• [#2458] Deploy next snapshot version as computed dynamically from latest release by @lprimak in https://github.com/apache/shiro/pull/2456
• [#2460] test for recursively wrapped sessions by @bmarwell in https://github.com/apache/shiro/pull/2470
• [#2471] remove experimental, unused class SimplePrincipalMap by @bmarwell in https://github.com/apache/shiro/pull/2472
• Jakarta ee update by @lprimak in https://github.com/apache/shiro/pull/2474
• chore(deps): bump ch.qos.logback:logback-core from 1.5.24 to 1.5.26 by @dependabot[bot] in https://github.com/apache/shiro/pull/2480
• chore(deps): bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.26 by @dependabot[bot] in https://github.com/apache/shiro/pull/2479
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.6 to 3.27.7 by @dependabot[bot] in https://github.com/apache/shiro/pull/2478
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.2.1 to 4.3.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2476
• chore(deps): bump the github-dependencies group across 1 directory with 5 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2477
• chore(deps-dev): bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.1 to 3.3.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2467
• chore(deps-dev): bump org.codehaus.mojo:xml-maven-plugin from 1.2.0 to 1.2.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2466
• chore(deps-dev): bump org.codehaus.mojo:versions-maven-plugin from 2.20.1 to 2.21.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2465
• chore(deps-dev): bump org.codehaus.mojo:jdepend-maven-plugin from 2.1 to 2.2.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2464
• chore(deps): bump bytebuddy.version from 1.18.3 to 1.18.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2468
• [#1025] - Shiro's InvalidRequestFilter blocks valid paths with encoded slashes by @haster in https://github.com/apache/shiro/pull/1026
• [#2421] bugfix: restored ability to match passwords from Shiro 1.x that have … by @lprimak in https://github.com/apache/shiro/pull/2475
• Run pre-commit autoupdate to update the hooks by @jbampton in https://github.com/apache/shiro/pull/2486
• chore: Eclipse IDE ignores for license checks by @lprimak in https://github.com/apache/shiro/pull/2484
• Update pre-commit workflow set --show-diff-on-failure by @jbampton in https://github.com/apache/shiro/pull/2487

• @celikfatih made their first contribution in https://github.com/apache/shiro/pull/2372
• @haster made their first contribution in https://github.com/apache/shiro/pull/1026

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.6...shiro-root-2.1.0

• [#2186] change authorized user to return 403 by @OyvindLGjesdal in https://github.com/apache/shiro/pull/2187
• [#2299] bugfix(jakarta-ee): don't set character encoding to UTF-8 if it's alr… by @lprimak in https://github.com/apache/shiro/pull/2298
• bugfix: logic for iteration parameter in the hasher by @lprimak in https://github.com/apache/shiro/pull/2326
• [#2328] bugfix: renamed bcrypt algo name so it's usable, refactored algo name… by @lprimak in https://github.com/apache/shiro/pull/2327

• enh: update issue templates by @lprimak in https://github.com/apache/shiro/pull/2217
• [#2274] enh(jakarta-ee): add optional URL session tracking configuration para… by @lprimak in https://github.com/apache/shiro/pull/2277
• Fix typos in Java code comments by @jbampton in https://github.com/apache/shiro/pull/2312
• Fix grammar/typo in CONTRIBUTING.md by @jbampton in https://github.com/apache/shiro/pull/2315
• Use https on links by @jbampton in https://github.com/apache/shiro/pull/2314
• Added support for iterations parameter by @ntolppi in https://github.com/apache/shiro/pull/2324
• Adds setPrincipalSuffix() to AbstractLdapRealm & updates ActiveDirectoryRealm by @tbrugz in https://github.com/apache/shiro/pull/2310
• Add basic pull request labeler workflow by @jbampton in https://github.com/apache/shiro/pull/2322
• Add codespell with pre-commit and fix typos by @jbampton in https://github.com/apache/shiro/pull/2313
• [#2308] Active Directory: added Initialization test by @tbrugz in https://github.com/apache/shiro/pull/2329
• Optimize Dependabot by using groups for github-actions ecosystem by @jbampton in https://github.com/apache/shiro/pull/2340
• pre-commit: add gitleaks to check for secrets by @jbampton in https://github.com/apache/shiro/pull/2336
• Fix spelling in pom.xml by @jbampton in https://github.com/apache/shiro/pull/2331
• Add basic EditorConfig file by @jbampton in https://github.com/apache/shiro/pull/2335
• Pull request labeler: add more labels by @jbampton in https://github.com/apache/shiro/pull/2334
• pre-commit: add yamllint and standardize YAML files by @jbampton in https://github.com/apache/shiro/pull/2343
• Add CodeQL for actions by @jbampton in https://github.com/apache/shiro/pull/2333
• Add 6 official pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2330
• pre-commit: add oxipng for lossless PNG compression by @jbampton in https://github.com/apache/shiro/pull/2337
• Add 5 more official pre-commit hooks by @jbampton in https://github.com/apache/shiro/pull/2351
• pre-commit: add markdownlint and clean Markdown files by @jbampton in https://github.com/apache/shiro/pull/2338
• pre-commit: add actionlint for GitHub Actions workflow files by @jbampton in https://github.com/apache/shiro/pull/2342
• pre-commit: add shellcheck and clean shell files by @jbampton in https://github.com/apache/shiro/pull/2339

• @OyvindLGjesdal made their first contribution in https://github.com/apache/shiro/pull/2187
• @ntolppi made their first contribution in https://github.com/apache/shiro/pull/2324

• chore(deps-dev): bump junit.engine.version from 1.13.2 to 1.13.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2178
• chore(deps): bump junit.version from 5.13.2 to 5.13.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2179
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.2.0 to 4.2.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2181
• chore(deps-dev): bump junit.engine.version from 1.13.3 to 1.13.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2188
• chore(deps): bump junit.version from 5.13.3 to 5.13.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2189
• chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2190
• chore(deps): bump github/codeql-action from 3.29.3 to 3.29.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2191
• chore(deps): bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2194
• chore(deps): bump org.htmlunit:htmlunit from 4.13.0 to 4.14.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2195
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.3 to 3.27.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2202
• chore(deps): bump github/codeql-action from 3.29.5 to 3.29.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2200
• chore(deps): bump actions/cache from 4.2.3 to 4.2.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2199
• chore(deps): bump github/codeql-action from 3.29.6 to 3.29.8 by @dependabot[bot] in https://github.com/apache/shiro/pull/2204
• chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2205
• chore(deps): bump github/codeql-action from 3.29.8 to 3.29.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2207
• chore(deps): bump jetty.version from 9.4.57.v20241219 to 9.4.58.v20250814 by @dependabot[bot] in https://github.com/apache/shiro/pull/2208
• chore(deps): bump mockito.version from 5.18.0 to 5.19.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2211
• chore(deps): bump org.htmlunit:htmlunit from 4.14.0 to 4.15.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2213
• chore(deps): bump bytebuddy.version from 1.17.6 to 1.17.7 by @dependabot[bot] in https://github.com/apache/shiro/pull/2214
• chore(deps): bump github/codeql-action from 3.29.9 to 3.29.10 by @dependabot[bot] in https://github.com/apache/shiro/pull/2215
• chore(deps): bump github/codeql-action from 3.29.10 to 3.29.11 by @dependabot[bot] in https://github.com/apache/shiro/pull/2219
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.3.1 to 3.4.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2221
• chore(deps): bump actions/setup-java from 4.7.1 to 5.0.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2220
• chore(deps): bump org.jsoup:jsoup from 1.21.1 to 1.21.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2226
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.11.4 to 3.11.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2225
• chore(deps): bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2227
• chore(deps): bump github/codeql-action from 3.29.11 to 3.30.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2230
• chore(deps): bump org.yaml:snakeyaml from 2.4 to 2.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2229
• chore(deps): bump org.projectlombok:lombok from 1.18.38 to 1.18.40 by @dependabot[bot] in https://github.com/apache/shiro/pull/2238
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.18.0 to 2.19.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2235
• chore(deps): bump github/codeql-action from 3.30.0 to 3.30.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2234
• chore(deps): bump actions/stale from 9.1.0 to 10.0.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2233
• chore(deps): bump github/codeql-action from 3.30.1 to 3.30.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2239
• chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2240
• chore(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.81 to 1.82 by @dependabot[bot] in https://github.com/apache/shiro/pull/2245
• chore(deps): bump org.projectlombok:lombok from 1.18.40 to 1.18.42 by @dependabot[bot] in https://github.com/apache/shiro/pull/2248
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.4 to 3.27.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2249
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.19.0 to 2.19.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2250
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2251
• chore(deps): bump mockito.version from 5.19.0 to 5.20.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2257
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.5 to 3.27.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2258
• chore(deps): bump actions/cache from 4.2.4 to 4.3.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2260
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.5 to 12.1.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2262
• chore(deps): bump github/codeql-action from 3.30.3 to 3.30.4 by @dependabot[bot] in https://github.com/apache/shiro/pull/2264
• chore(deps): bump github/codeql-action from 3.30.4 to 3.30.5 by @dependabot[bot] in https://github.com/apache/shiro/pull/2266
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.23.1 to 0.24.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2280
• chore(deps): bump github/codeql-action from 3.30.5 to 3.30.6 by @dependabot[bot] in https://github.com/apache/shiro/pull/2275
• chore(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in https://github.com/apache/shiro/pull/2272
• chore(deps): bump actions/stale from 10.0.0 to 10.1.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2282
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.5.1 to 3.6.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2283
• chore(deps): bump org.htmlunit:htmlunit from 4.16.0 to 4.17.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2284
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.0 to 0.24.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2286
• chore(deps): bump bytebuddy.version from 1.17.7 to 1.17.8 by @dependabot[bot] in https://github.com/apache/shiro/pull/2290
• chore(deps): bump github/codeql-action from 3.30.6 to 4.30.8 by @dependabot[bot] in https://github.com/apache/shiro/pull/2296
• chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 by @dependabot[bot] in https://github.com/apache/shiro/pull/2307
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.24.1 to 0.24.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2305
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.6 to 12.1.8 by @dependabot[bot] in https://github.com/apache/shiro/pull/2302
• chore(deps): bump github/codeql-action from 4.30.8 to 4.30.9 by @dependabot[bot] in https://github.com/apache/shiro/pull/2311
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in https://github.com/apache/shiro/pull/2316
• chore(deps): bump org.codehaus.mojo:xml-maven-plugin from 1.1.0 to 1.2.0 by @dependabot[bot] in https://github.com/apache/shiro/pull/2321
• chore(deps): bump the github-dependencies group with 2 updates by @dependabot[bot] in https://github.com/apache/shiro/pull/2347
• chore(deps): bump org.quartz-scheduler:quartz from 2.5.0 to 2.5.1 by @dependabot[bot] in https://github.com/apache/shiro/pull/2350

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.5...shiro-root-2.0.6

• [#1691] added the @Qualifier annotation to the RequestMappi… by @Suvrat1629 in https://github.com/apache/shiro/pull/2147

• Fix redundant Optional check in DefaultHashService by @AetherRadar in https://github.com/apache/shiro/pull/2088
• Remove illegal access permit by @lprimak in https://github.com/apache/shiro/pull/2099
• chore: fix test warnings on jdk 24 and 25 by @lprimak in https://github.com/apache/shiro/pull/2101
• chore(java): fix typos by @jbampton in https://github.com/apache/shiro/pull/2163
• chore(java): fix typos by @jbampton in https://github.com/apache/shiro/pull/2164
• chore(java): fix typos by @jbampton in https://github.com/apache/shiro/pull/2165
• chore(java): fix spelling by @jbampton in https://github.com/apache/shiro/pull/2170
• chore: remove unneeded trailing whitespace by @jbampton in https://github.com/apache/shiro/pull/2171
• chore(samples): fix spelling by @jbampton in https://github.com/apache/shiro/pull/2172
• chore(java): fix spelling by @jbampton in https://github.com/apache/shiro/pull/2174
• chore(samples): remove tabs from pom.xml files by @jbampton in https://github.com/apache/shiro/pull/2173
• Fix spelling in pom.xml by @jbampton in https://github.com/apache/shiro/pull/2168

• chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot in https://github.com/apache/shiro/pull/2087
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.23.0 to 10.23.1 by @dependabot in https://github.com/apache/shiro/pull/2092
• chore(deps): bump org.omnifaces:omnifaces from 3.14.7 to 3.14.8 by @dependabot in https://github.com/apache/shiro/pull/2091
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.1.1 to 4.2.0 by @dependabot in https://github.com/apache/shiro/pull/2093
• chore(deps): bump org.jsoup:jsoup from 1.19.1 to 1.20.1 by @dependabot in https://github.com/apache/shiro/pull/2096
• chore(deps): bump github/codeql-action from 3.28.16 to 3.28.17 by @dependabot in https://github.com/apache/shiro/pull/2097
• [StepSecurity] ci: Harden GitHub Actions by @step-security-bot in https://github.com/apache/shiro/pull/2098
• chore(ci): update CI JDK 23 to 24 by @lprimak in https://github.com/apache/shiro/pull/2100
• chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in https://github.com/apache/shiro/pull/2104
• chore(deps-dev): bump org.easymock:easymock from 5.5.0 to 5.6.0 by @dependabot in https://github.com/apache/shiro/pull/2105
• chore(deps): bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 by @dependabot in https://github.com/apache/shiro/pull/2106
• chore(deps): bump mockito.version from 5.17.0 to 5.18.0 by @dependabot in https://github.com/apache/shiro/pull/2109
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.23.1 to 10.24.0 by @dependabot in https://github.com/apache/shiro/pull/2110
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.11.0 to 2.12.0 by @dependabot in https://github.com/apache/shiro/pull/2112
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.5.0 to 3.5.1 by @dependabot in https://github.com/apache/shiro/pull/2116
• chore(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot in https://github.com/apache/shiro/pull/2120
• chore(deps-dev): bump junit.engine.version from 1.12.2 to 1.13.0 by @dependabot in https://github.com/apache/shiro/pull/2121
• chore(deps): bump junit.version from 5.12.2 to 5.13.0 by @dependabot in https://github.com/apache/shiro/pull/2122
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.24.0 to 10.25.0 by @dependabot in https://github.com/apache/shiro/pull/2123
• chore(deps): bump org.omnifaces:omnifaces from 3.14.8 to 3.14.9 by @dependabot in https://github.com/apache/shiro/pull/2124
• chore(deps): bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 by @dependabot in https://github.com/apache/shiro/pull/2125
• chore(deps): bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot in https://github.com/apache/shiro/pull/2126
• chore(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.80 to 1.81 by @dependabot in https://github.com/apache/shiro/pull/2129
• chore(deps): bump org.omnifaces:omnifaces from 3.14.9 to 3.14.10 by @dependabot in https://github.com/apache/shiro/pull/2128
• chore(deps): bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1 by @dependabot in https://github.com/apache/shiro/pull/2131
• chore(deps-dev): bump arquillian.core.version from 1.9.4.Final to 1.9.5.Final by @dependabot in https://github.com/apache/shiro/pull/2130
• chore(deps): bump junit.version from 5.13.0 to 5.13.1 by @dependabot in https://github.com/apache/shiro/pull/2135
• chore(deps-dev): bump junit.engine.version from 1.13.0 to 1.13.1 by @dependabot in https://github.com/apache/shiro/pull/2134
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.1 to 12.1.2 by @dependabot in https://github.com/apache/shiro/pull/2137
• chore(deps): bump org.omnifaces:omnifaces from 3.14.10 to 3.14.11 by @dependabot in https://github.com/apache/shiro/pull/2136
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.2 to 12.1.3 by @dependabot in https://github.com/apache/shiro/pull/2140
• chore(deps): bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot in https://github.com/apache/shiro/pull/2142
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.11.3 to 3.11.4 by @dependabot in https://github.com/apache/shiro/pull/2143
• chore(deps): bump bytebuddy.version from 1.17.5 to 1.17.6 by @dependabot in https://github.com/apache/shiro/pull/2145
• chore(deps): bump org.apache:apache from 34 to 35 by @dependabot in https://github.com/apache/shiro/pull/2148
• chore(deps): bump log4j.version from 2.24.3 to 2.25.0 by @dependabot in https://github.com/apache/shiro/pull/2149
• chore(deps): bump commons-beanutils:commons-beanutils from 1.10.1 to 1.11.0 by @dependabot in https://github.com/apache/shiro/pull/2150
• chore(deps): bump groovy.version from 4.0.26 to 4.0.27 by @dependabot in https://github.com/apache/shiro/pull/2151
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.6 to 3.6.7 by @dependabot in https://github.com/apache/shiro/pull/2153
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.6 to 3.6.7 by @dependabot in https://github.com/apache/shiro/pull/2154
• chore(deps): bump org.jsoup:jsoup from 1.20.1 to 1.21.1 by @dependabot in https://github.com/apache/shiro/pull/2155
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.25.0 to 10.25.1 by @dependabot in https://github.com/apache/shiro/pull/2156
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.25.1 to 10.26.0 by @dependabot in https://github.com/apache/shiro/pull/2159
• chore(deps-dev): bump junit.engine.version from 1.13.1 to 1.13.2 by @dependabot in https://github.com/apache/shiro/pull/2157
• chore(deps): bump junit.version from 5.13.1 to 5.13.2 by @dependabot in https://github.com/apache/shiro/pull/2158
• chore(deps-dev): bump arquillian.core.version from 1.9.5.Final to 1.10.0.Final by @dependabot in https://github.com/apache/shiro/pull/2161
• chore(deps): bump github/codeql-action from 3.29.0 to 3.29.1 by @dependabot in https://github.com/apache/shiro/pull/2162
• chore(deps): bump github/codeql-action from 3.29.1 to 3.29.2 by @dependabot in https://github.com/apache/shiro/pull/2166
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.26.0 to 10.26.1 by @dependabot in https://github.com/apache/shiro/pull/2169
• deps: updated maven wrapper version to 3.9.10 by @lprimak in https://github.com/apache/shiro/pull/2176

• @AetherRadar made their first contribution in https://github.com/apache/shiro/pull/2088
• @jbampton made their first contribution in https://github.com/apache/shiro/pull/2163

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.4...shiro-root-2.0.5

• [#2081] bugfix: remove InheriableThreadLocal from ThreadContext as it was cau… by @lprimak in https://github.com/apache/shiro/pull/2082
• [#2083] bugfix: added Shiro core additional ClassLoader to be used when seria… by @lprimak in https://github.com/apache/shiro/pull/2085

• chore: update OpenSSF Scorecard badge
• chore: removed unused test-coverage module, was causing issues for the release

• chore(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot in https://github.com/apache/shiro/pull/2073
• chore(deps): bump org.owasp:dependency-check-maven from 12.1.0 to 12.1.1 by @dependabot in https://github.com/apache/shiro/pull/2070
• chore(deps): bump actions/setup-java from 4.7.0 to 4.7.1 by @dependabot in https://github.com/apache/shiro/pull/2075
• chore(deps-dev): bump junit.engine.version from 1.12.1 to 1.12.2 by @dependabot in https://github.com/apache/shiro/pull/2079
• chore(deps): bump junit.version from 5.12.1 to 5.12.2 by @dependabot in https://github.com/apache/shiro/pull/2080

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.3...shiro-root-2.0.4

• bugfix(test): locking flaky failing Guice test by @lprimak in https://github.com/apache/shiro/pull/1890
• [DOC] - Clean up invalid Javadoc syntax and broken references by @arthenice in https://github.com/apache/shiro/pull/1986
• [DOC] - Fix comments and log messages in AuthenticatingRealm by @jkaving in https://github.com/apache/shiro/pull/2023
• [#2050] bugfix: catch IllegalStateException in validate() by @lprimak in https://github.com/apache/shiro/pull/2052

• chore: update CI JDK 22 -> 23 by @lprimak in https://github.com/apache/shiro/pull/1881
• chore: added maven wrapper, update 3.9.9 and have CI scripts use it by @lprimak in https://github.com/apache/shiro/pull/1935
• deps: switch to dev.aspectj - newer maven plugin by @lprimak in https://github.com/apache/shiro/pull/2062

• chore(deps): bump groovy.version from 4.0.23 to 4.0.24 by @dependabot in https://github.com/apache/shiro/pull/1869
• chore(deps): bump github/codeql-action from 3.27.0 to 3.27.1 by @dependabot in https://github.com/apache/shiro/pull/1868
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.20.0 to 10.20.1 by @dependabot in https://github.com/apache/shiro/pull/1867
• chore(deps): bump github/codeql-action from 3.27.1 to 3.27.2 by @dependabot in https://github.com/apache/shiro/pull/1872
• chore(deps): bump org.quartz-scheduler:quartz from 2.5.0-rc2 to 2.5.0 by @dependabot in https://github.com/apache/shiro/pull/1875
• chore(deps): bump github/codeql-action from 3.27.2 to 3.27.3 by @dependabot in https://github.com/apache/shiro/pull/1873
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.17.1 to 2.18.0 by @dependabot in https://github.com/apache/shiro/pull/1876
• chore(deps): bump github/codeql-action from 3.27.3 to 3.27.4 by @dependabot in https://github.com/apache/shiro/pull/1877
• chore(deps): bump org.projectlombok:lombok from 1.18.34 to 1.18.36 by @dependabot in https://github.com/apache/shiro/pull/1880
• chore(deps-dev): bump org.easymock:easymock from 5.4.0 to 5.5.0 by @dependabot in https://github.com/apache/shiro/pull/1882
• chore(deps): bump github/codeql-action from 3.27.4 to 3.27.5 by @dependabot in https://github.com/apache/shiro/pull/1884
• chore(deps): bump log4j.version from 2.24.1 to 2.24.2 by @dependabot in https://github.com/apache/shiro/pull/1886
• chore(deps): bump org.omnifaces:omnifaces from 3.14.6 to 3.14.7 by @dependabot in https://github.com/apache/shiro/pull/1888
• chore(deps): bump org.jsoup:jsoup from 1.18.1 to 1.18.2 by @dependabot in https://github.com/apache/shiro/pull/1889
• chore(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @dependabot in https://github.com/apache/shiro/pull/1896
• chore(deps): bump org.htmlunit:htmlunit from 4.6.0 to 4.7.0 by @dependabot in https://github.com/apache/shiro/pull/1897
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.3.0 to 3.3.1 by @dependabot in https://github.com/apache/shiro/pull/1899
• chore(deps): bump org.jsoup:jsoup from 1.18.2 to 1.18.3 by @dependabot in https://github.com/apache/shiro/pull/1898
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.20.1 to 10.20.2 by @dependabot in https://github.com/apache/shiro/pull/1900
• chore(deps): bump org.owasp:dependency-check-maven from 11.1.0 to 11.1.1 by @dependabot in https://github.com/apache/shiro/pull/1901
• chore(deps): bump actions/cache from 4.1.2 to 4.2.0 by @dependabot in https://github.com/apache/shiro/pull/1903
• chore(deps): bump github/codeql-action from 3.27.6 to 3.27.7 by @dependabot in https://github.com/apache/shiro/pull/1909
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.4 to 3.6.5 by @dependabot in https://github.com/apache/shiro/pull/1910
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.4 to 3.6.5 by @dependabot in https://github.com/apache/shiro/pull/1911
• chore(deps): bump org.apache.maven.skins:maven-fluido-skin from 2.0.0 to 2.0.1 by @dependabot in https://github.com/apache/shiro/pull/1912
• chore(deps): bump log4j.version from 2.24.2 to 2.24.3 by @dependabot in https://github.com/apache/shiro/pull/1913
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.20.2 to 10.21.0 by @dependabot in https://github.com/apache/shiro/pull/1915
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.2 to 3.3.3 by @dependabot in https://github.com/apache/shiro/pull/1914
• chore(deps): bump github/codeql-action from 3.27.7 to 3.27.9 by @dependabot in https://github.com/apache/shiro/pull/1919
• chore(deps): bump bytebuddy.version from 1.15.10 to 1.15.11 by @dependabot in https://github.com/apache/shiro/pull/1921
• chore(deps): bump junit.version from 5.11.3 to 5.11.4 by @dependabot in https://github.com/apache/shiro/pull/1922
• chore(deps-dev): bump junit.engine.version from 1.11.3 to 1.11.4 by @dependabot in https://github.com/apache/shiro/pull/1923
• chore(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 by @dependabot in https://github.com/apache/shiro/pull/1924
• chore(deps): bump actions/setup-java from 4.5.0 to 4.6.0 by @dependabot in https://github.com/apache/shiro/pull/1925
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.11.1 to 3.11.2 by @dependabot in https://github.com/apache/shiro/pull/1927
• chore(deps-dev): bump org.assertj:assertj-core from 3.26.3 to 3.27.0 by @dependabot in https://github.com/apache/shiro/pull/1929
• chore(deps): bump github/codeql-action from 3.27.9 to 3.28.0 by @dependabot in https://github.com/apache/shiro/pull/1930
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.21.0 to 10.21.1 by @dependabot in https://github.com/apache/shiro/pull/1932
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.0.1 to 4.1.0 by @dependabot in https://github.com/apache/shiro/pull/1934
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.0 to 3.27.1 by @dependabot in https://github.com/apache/shiro/pull/1936
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 4.1.0 to 4.1.1 by @dependabot in https://github.com/apache/shiro/pull/1938
• chore(deps): bump mockito.version from 5.14.2 to 5.15.2 by @dependabot in https://github.com/apache/shiro/pull/1937
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.1 to 3.27.2 by @dependabot in https://github.com/apache/shiro/pull/1943
• chore(deps-dev): bump arquillian.core.version from 1.9.1.Final to 1.9.2.Final by @dependabot in https://github.com/apache/shiro/pull/1942
• chore(deps): bump commons-beanutils:commons-beanutils from 1.9.4 to 1.10.0 by @dependabot in https://github.com/apache/shiro/pull/1946
• chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in https://github.com/apache/shiro/pull/1948
• chore(deps): bump jetty.version from 9.4.56.v20240826 to 9.4.57.v20241219 by @dependabot in https://github.com/apache/shiro/pull/1947
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.23.0 to 0.23.1 by @dependabot in https://github.com/apache/shiro/pull/1952
• chore(deps): bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in https://github.com/apache/shiro/pull/1954
• chore(deps): bump org.owasp:dependency-check-maven from 11.1.1 to 12.0.0 by @dependabot in https://github.com/apache/shiro/pull/1957
• chore(deps-dev): bump arquillian.core.version from 1.9.2.Final to 1.9.3.Final by @dependabot in https://github.com/apache/shiro/pull/1955
• chore(deps): bump org.htmlunit:htmlunit from 4.7.0 to 4.8.0 by @dependabot in https://github.com/apache/shiro/pull/1956
• chore(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.79 to 1.80 by @dependabot in https://github.com/apache/shiro/pull/1960
• chore(deps): bump org.owasp:dependency-check-maven from 12.0.0 to 12.0.1 by @dependabot in https://github.com/apache/shiro/pull/1964
• chore(deps): bump bytebuddy.version from 1.15.11 to 1.16.1 by @dependabot in https://github.com/apache/shiro/pull/1963
• chore(deps-dev): bump org.assertj:assertj-core from 3.27.2 to 3.27.3 by @dependabot in https://github.com/apache/shiro/pull/1962
• chore(deps): bump github/codeql-action from 3.28.1 to 3.28.4 by @dependabot in https://github.com/apache/shiro/pull/1969
• chore(deps): bump org.htmlunit:htmlunit from 4.8.0 to 4.9.0 by @dependabot in https://github.com/apache/shiro/pull/1968
• chore(deps): bump github/codeql-action from 3.28.4 to 3.28.5 by @dependabot in https://github.com/apache/shiro/pull/1972
• chore(deps): bump org.apache.karaf.features:framework from 4.4.6 to 4.4.7 by @dependabot in https://github.com/apache/shiro/pull/1970
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.21.1 to 10.21.2 by @dependabot in https://github.com/apache/shiro/pull/1975
• chore(deps): bump groovy.version from 4.0.24 to 4.0.25 by @dependabot in https://github.com/apache/shiro/pull/1974
• chore(deps): bump github/codeql-action from 3.28.5 to 3.28.6 by @dependabot in https://github.com/apache/shiro/pull/1976
• chore(deps): bump actions/setup-java from 4.6.0 to 4.7.0 by @dependabot in https://github.com/apache/shiro/pull/1979
• chore(deps): bump github/codeql-action from 3.28.6 to 3.28.7 by @dependabot in https://github.com/apache/shiro/pull/1978
• chore(deps): bump org.owasp:dependency-check-maven from 12.0.1 to 12.0.2 by @dependabot in https://github.com/apache/shiro/pull/1980
• chore(deps): bump bytebuddy.version from 1.16.1 to 1.17.0 by @dependabot in https://github.com/apache/shiro/pull/1981
• chore(deps): bump github/codeql-action from 3.28.7 to 3.28.8 by @dependabot in https://github.com/apache/shiro/pull/1982
• chore(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by @dependabot in https://github.com/apache/shiro/pull/1985
• chore(deps-dev): bump commons-logging:commons-logging from 1.3.4 to 1.3.5 by @dependabot in https://github.com/apache/shiro/pull/1989
• chore(deps): bump commons-beanutils:commons-beanutils from 1.10.0 to 1.10.1 by @dependabot in https://github.com/apache/shiro/pull/1992
• chore(deps): bump bytebuddy.version from 1.17.0 to 1.17.1 by @dependabot in https://github.com/apache/shiro/pull/1993
• chore(deps): bump org.yaml:snakeyaml from 2.3 to 2.4 by @dependabot in https://github.com/apache/shiro/pull/1998
• chore(deps): bump org.owasp:dependency-check-maven from 12.0.2 to 12.1.0 by @dependabot in https://github.com/apache/shiro/pull/1996
• chore(deps): bump actions/cache from 4.2.0 to 4.2.1 by @dependabot in https://github.com/apache/shiro/pull/2000
• chore(deps-dev): bump junit.engine.version from 1.11.4 to 1.12.0 by @dependabot in https://github.com/apache/shiro/pull/2005
• chore(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @dependabot in https://github.com/apache/shiro/pull/2003
• chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @dependabot in https://github.com/apache/shiro/pull/2002
• chore(deps): bump junit.version from 5.11.4 to 5.12.0 by @dependabot in https://github.com/apache/shiro/pull/2004
• chore(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot in https://github.com/apache/shiro/pull/2010
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.21.2 to 10.21.3 by @dependabot in https://github.com/apache/shiro/pull/2008
• chore(deps): bump org.htmlunit:htmlunit from 4.9.0 to 4.10.0 by @dependabot in https://github.com/apache/shiro/pull/2009
• chore(deps): bump slf4j.version from 2.0.16 to 2.0.17 by @dependabot in https://github.com/apache/shiro/pull/2007
• chore(deps): bump actions/cache from 4.2.1 to 4.2.2 by @dependabot in https://github.com/apache/shiro/pull/2011
• chore(deps): bump groovy.version from 4.0.25 to 4.0.26 by @dependabot in https://github.com/apache/shiro/pull/2013
• chore(deps): bump bytebuddy.version from 1.17.1 to 1.17.2 by @dependabot in https://github.com/apache/shiro/pull/2015
• chore(deps): bump mockito.version from 5.15.2 to 5.16.0 by @dependabot in https://github.com/apache/shiro/pull/2016
• chore(deps): bump org.jsoup:jsoup from 1.18.3 to 1.19.1 by @dependabot in https://github.com/apache/shiro/pull/2019
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.21.3 to 10.21.4 by @dependabot in https://github.com/apache/shiro/pull/2020
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.5 to 3.6.6 by @dependabot in https://github.com/apache/shiro/pull/2024
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.5 to 3.6.6 by @dependabot in https://github.com/apache/shiro/pull/2025
• chore(deps): bump github/codeql-action from 3.28.10 to 3.28.11 by @dependabot in https://github.com/apache/shiro/pull/2026
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.3 to 3.3.4 by @dependabot in https://github.com/apache/shiro/pull/2028
• chore(deps): bump org.apache.maven.skins:maven-fluido-skin from 2.0.1 to 2.1.0 by @dependabot in https://github.com/apache/shiro/pull/2029
• chore(deps): bump junit.version from 5.12.0 to 5.12.1 by @dependabot in https://github.com/apache/shiro/pull/2033
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.11.2 to 3.11.3 by @dependabot in https://github.com/apache/shiro/pull/2032
• chore(deps-dev): bump junit.engine.version from 1.12.0 to 1.12.1 by @dependabot in https://github.com/apache/shiro/pull/2031
• chore(deps): bump mockito.version from 5.16.0 to 5.16.1 by @dependabot in https://github.com/apache/shiro/pull/2034
• chore(deps): bump github/codeql-action from 3.28.11 to 3.28.12 by @dependabot in https://github.com/apache/shiro/pull/2037
• chore(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2 by @dependabot in https://github.com/apache/shiro/pull/2045
• chore(deps): bump actions/cache from 4.2.2 to 4.2.3 by @dependabot in https://github.com/apache/shiro/pull/2044
• chore(deps): bump com.mycila:license-maven-plugin from 4.6 to 5.0.0 by @dependabot in https://github.com/apache/shiro/pull/2041
• chore(deps): bump github/codeql-action from 3.28.12 to 3.28.13 by @dependabot in https://github.com/apache/shiro/pull/2046
• chore(deps): bump bytebuddy.version from 1.17.2 to 1.17.4 by @dependabot in https://github.com/apache/shiro/pull/2047
• chore(deps): bump org.htmlunit:htmlunit from 4.10.0 to 4.11.0 by @dependabot in https://github.com/apache/shiro/pull/2049
• chore(deps): bump org.htmlunit:htmlunit from 4.11.0 to 4.11.1 by @dependabot in https://github.com/apache/shiro/pull/2051
• chore(deps-dev): bump arquillian.core.version from 1.9.3.Final to 1.9.4.Final by @dependabot in https://github.com/apache/shiro/pull/2053
• chore(deps): bump org.projectlombok:lombok from 1.18.36 to 1.18.38 by @dependabot in https://github.com/apache/shiro/pull/2058
• chore(deps): bump bytebuddy.version from 1.17.4 to 1.17.5 by @dependabot in https://github.com/apache/shiro/pull/2056
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.21.4 to 10.22.0 by @dependabot in https://github.com/apache/shiro/pull/2057
• chore(deps): bump org.apache:apache from 33 to 34 by @dependabot in https://github.com/apache/shiro/pull/2038
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.22.0 to 10.23.0 by @dependabot in https://github.com/apache/shiro/pull/2064
• chore(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 by @dependabot in https://github.com/apache/shiro/pull/2063
• chore(deps): bump mockito.version from 5.16.1 to 5.17.0 by @dependabot in https://github.com/apache/shiro/pull/2068

• @arthenice made their first contribution in https://github.com/apache/shiro/pull/1986
• @jkaving made their first contribution in https://github.com/apache/shiro/pull/2023

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.2...shiro-root-2.0.3

• [#1381] enh: Build on JDK 22 by @lprimak in https://github.com/apache/shiro/pull/1530
• [#1762] enh: follow desired request scheme when doing redirection by @lprimak in https://github.com/apache/shiro/pull/1727
• enh(jakarta,it-tests): no longer relying on hardcoded https port in t… by @lprimak in https://github.com/apache/shiro/pull/1808

• [SHIRO-875] Fix creating subjects from a SubjectFactory that disables session-creation by @boris-petrov in https://github.com/apache/shiro/pull/1514
• bugfix(deps): remove junit bom from root by @lprimak in https://github.com/apache/shiro/pull/1690

• chore: re-enabled API compatibility check plugin by @lprimak in https://github.com/apache/shiro/pull/1652
• enh(checkstyle): disable method name validation for test classes by @lprimak in https://github.com/apache/shiro/pull/1650

• update quartz to 2.4.0-rc2, fix CVE-2023-39017 by @minchai23 in https://github.com/apache/shiro/pull/1498
• chore(deps): bump org.quartz-scheduler:quartz from 2.4.0-rc2 to 2.5.0-rc1 by @dependabot in https://github.com/apache/shiro/pull/1503
• chore(deps-dev): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by @dependabot in https://github.com/apache/shiro/pull/1505
• chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.6.14 by @dependabot in https://github.com/apache/shiro/pull/1506
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by @dependabot in https://github.com/apache/shiro/pull/1504
• chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.14 to 1.7.0 by @dependabot in https://github.com/apache/shiro/pull/1508
• chore(deps): bump bytebuddy.version from 1.14.16 to 1.14.17 by @dependabot in https://github.com/apache/shiro/pull/1509
• chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 by @dependabot in https://github.com/apache/shiro/pull/1511
• chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in https://github.com/apache/shiro/pull/1515
• chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.3 to 5.5.4 by @dependabot in https://github.com/apache/shiro/pull/1518
• chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 by @dependabot in https://github.com/apache/shiro/pull/1519
• chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in https://github.com/apache/shiro/pull/1520
• chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.0 to 3.4.1 by @dependabot in https://github.com/apache/shiro/pull/1522
• chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by @dependabot in https://github.com/apache/shiro/pull/1523
• chore(deps): bump org.htmlunit:htmlunit from 4.1.0 to 4.2.0 by @dependabot in https://github.com/apache/shiro/pull/1524
• chore(deps-dev): bump org.easymock:easymock from 5.2.0 to 5.3.0 by @dependabot in https://github.com/apache/shiro/pull/1527
• chore(deps): bump org.apache.commons:commons-configuration2 from 2.10.1 to 2.11.0 by @dependabot in https://github.com/apache/shiro/pull/1528
• chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in https://github.com/apache/shiro/pull/1533
• chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 by @dependabot in https://github.com/apache/shiro/pull/1534
• chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in https://github.com/apache/shiro/pull/1535
• chore(deps): bump spring.version from 5.3.36 to 5.3.37 by @dependabot in https://github.com/apache/shiro/pull/1539
• chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in https://github.com/apache/shiro/pull/1536
• deps: updated javassist to latest by @lprimak in https://github.com/apache/shiro/pull/1545
• chore(deps-dev): bump tomcat.version from 10.1.24 to 10.1.25 by @dependabot in https://github.com/apache/shiro/pull/1546
• chore(deps): bump org.apache.maven.plugins:maven-scm-publish-plugin from 3.2.1 to 3.3.0 by @dependabot in https://github.com/apache/shiro/pull/1553
• chore(deps): bump junit.version from 5.10.2 to 5.10.3 by @dependabot in https://github.com/apache/shiro/pull/1555
• chore(deps): bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0 by @dependabot in https://github.com/apache/shiro/pull/1556
• chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in https://github.com/apache/shiro/pull/1557
• chore(deps): bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by @dependabot in https://github.com/apache/shiro/pull/1558
• chore(deps): bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0 by @dependabot in https://github.com/apache/shiro/pull/1564
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 by @dependabot in https://github.com/apache/shiro/pull/1562
• chore(deps): bump groovy.version from 4.0.21 to 4.0.22 by @dependabot in https://github.com/apache/shiro/pull/1563
• chore(deps): bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.1 by @dependabot in https://github.com/apache/shiro/pull/1565
• chore(deps): bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 by @dependabot in https://github.com/apache/shiro/pull/1567
• chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.0.0 to 3.1.0 by @dependabot in https://github.com/apache/shiro/pull/1568
• chore(deps-dev): bump commons-logging:commons-logging from 1.3.2 to 1.3.3 by @dependabot in https://github.com/apache/shiro/pull/1569
• chore(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in https://github.com/apache/shiro/pull/1573
• chore(deps): bump org.owasp:dependency-check-maven from 10.0.1 to 10.0.2 by @dependabot in https://github.com/apache/shiro/pull/1575
• chore(deps-dev): bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @dependabot in https://github.com/apache/shiro/pull/1580
• chore(deps): bump bytebuddy.version from 1.14.17 to 1.14.18 by @dependabot in https://github.com/apache/shiro/pull/1579
• chore(deps): bump org.jsoup:jsoup from 1.17.2 to 1.18.1 by @dependabot in https://github.com/apache/shiro/pull/1586
• chore(deps): bump org.apache:apache from 32 to 33 by @dependabot in https://github.com/apache/shiro/pull/1587
• chore(deps-dev): bump org.jboss.arquillian.junit5:arquillian-junit5-container from 1.8.0.Final to 1.9.0.Final by @dependabot in https://github.com/apache/shiro/pull/1578
• chore(deps-dev): bump tomcat.version from 10.1.25 to 10.1.26 by @dependabot in https://github.com/apache/shiro/pull/1594
• chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in https://github.com/apache/shiro/pull/1595
• chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.17.0 to 2.17.1 by @dependabot in https://github.com/apache/shiro/pull/1600
• chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.23.0 to 3.24.0 by @dependabot in https://github.com/apache/shiro/pull/1601
• chore(deps): bump org.owasp:dependency-check-maven from 10.0.2 to 10.0.3 by @dependabot in https://github.com/apache/shiro/pull/1604
• chore(deps): bump com.hazelcast:hazelcast from 5.3.7 to 5.3.8 by @dependabot in https://github.com/apache/shiro/pull/1605
• chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.3 to 3.6.4 by @dependabot in https://github.com/apache/shiro/pull/1606
• chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.3 to 3.6.4 by @dependabot in https://github.com/apache/shiro/pull/1607
• chore(deps): bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @dependabot in https://github.com/apache/shiro/pull/1608
• chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in https://github.com/apache/shiro/pull/1611
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.2 to 0.22.0 by @dependabot in https://github.com/apache/shiro/pull/1612
• chore(deps-dev): bump arquillian.core.version from 1.9.0.Final to 1.9.1.Final by @dependabot in https://github.com/apache/shiro/pull/1615
• chore(deps): bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in https://github.com/apache/shiro/pull/1616
• chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in https://github.com/apache/shiro/pull/1619
• chore(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in https://github.com/apache/shiro/pull/1618
• chore(deps): bump org.htmlunit:htmlunit from 4.3.0 to 4.4.0 by @dependabot in https://github.com/apache/shiro/pull/1620
• chore(deps-dev): bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @dependabot in https://github.com/apache/shiro/pull/1624
• chore(deps-dev): bump org.easymock:easymock from 5.3.0 to 5.4.0 by @dependabot in https://github.com/apache/shiro/pull/1625
• chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in https://github.com/apache/shiro/pull/1626
• chore(deps): bump org.owasp.encoder:encoder from 1.2.3 to 1.3.0 by @dependabot in https://github.com/apache/shiro/pull/1628
• chore(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in https://github.com/apache/shiro/pull/1632
• chore(deps-dev): bump tomcat.version from 10.1.26 to 10.1.28 by @dependabot in https://github.com/apache/shiro/pull/1634
• chore(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in https://github.com/apache/shiro/pull/1636
• chore(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in https://github.com/apache/shiro/pull/1637
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.0 by @dependabot in https://github.com/apache/shiro/pull/1643
• chore(deps): bump slf4j.version from 2.0.13 to 2.0.14 by @dependabot in https://github.com/apache/shiro/pull/1642
• chore(deps): bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by @dependabot in https://github.com/apache/shiro/pull/1641
• chore(deps): bump slf4j.version from 2.0.14 to 2.0.15 by @dependabot in https://github.com/apache/shiro/pull/1645
• chore(deps): bump slf4j.version from 2.0.15 to 2.0.16 by @dependabot in https://github.com/apache/shiro/pull/1647
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.4.0 to 3.4.1 by @dependabot in https://github.com/apache/shiro/pull/1648
• chore(deps-dev): bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.0 to 3.0.1 by @dependabot in https://github.com/apache/shiro/pull/1649
• chore(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in https://github.com/apache/shiro/pull/1653
• chore(deps): bump junit.version from 5.10.3 to 5.11.0 by @dependabot in https://github.com/apache/shiro/pull/1655
• chore(deps): bump spring.version from 5.3.37 to 5.3.39 by @dependabot in https://github.com/apache/shiro/pull/1654
• chore(deps): bump commons-cli:commons-cli from 1.8.0 to 1.9.0 by @dependabot in https://github.com/apache/shiro/pull/1658
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.1.1 to 3.2.0 by @dependabot in https://github.com/apache/shiro/pull/1664
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.0 to 3.3.1 by @dependabot in https://github.com/apache/shiro/pull/1663
• chore(deps): bump bytebuddy.version from 1.14.18 to 1.14.19 by @dependabot in https://github.com/apache/shiro/pull/1662
• chore(deps-dev): bump commons-logging:commons-logging from 1.3.3 to 1.3.4 by @dependabot in https://github.com/apache/shiro/pull/1666
• chore(deps): bump github/codeql-action from 3.26.2 to 3.26.3 by @dependabot in https://github.com/apache/shiro/pull/1665
• chore(deps): bump org.owasp.encoder:encoder from 1.3.0 to 1.3.1 by @dependabot in https://github.com/apache/shiro/pull/1673
• chore(deps): bump com.github.mjeanroy:junit-servers-jetty-9 from 3.2.0 to 3.3.0 by @dependabot in https://github.com/apache/shiro/pull/1678
• chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.22.0 to 0.23.0 by @dependabot in https://github.com/apache/shiro/pull/1677
• chore(deps): bump github/codeql-action from 3.26.3 to 3.26.4 by @dependabot in https://github.com/apache/shiro/pull/1679
• chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.4.0 to 3.5.0 by @dependabot in https://github.com/apache/shiro/pull/1684
• chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.1 to 3.5.0 by @dependabot in https://github.com/apache/shiro/pull/1685
• chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.4.0 to 3.5.0 by @dependabot in https://github.com/apache/shiro/pull/1686
• chore(deps): bump bytebuddy.version from 1.14.19 to 1.15.0 by @dependabot in https://github.com/apache/shiro/pull/1687
• deps: updated to latest SpringBoot 3 by @lprimak in https://github.com/apache/shiro/pull/1688
• chore: updated maven site model to 2.0 by @lprimak in https://github.com/apache/shiro/pull/1689
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.17.0 to 10.18.0 by @dependabot in https://github.com/apache/shiro/pull/1693
• chore(deps): bump github/codeql-action from 3.26.4 to 3.26.5 by @dependabot in https://github.com/apache/shiro/pull/1695
• chore(deps-dev): bump jakarta.servlet.jsp.jstl:jakarta.servlet.jsp.jstl-api from 3.0.1 to 3.0.2 by @dependabot in https://github.com/apache/shiro/pull/1694
• chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.24.0 to 3.25.0 by @dependabot in https://github.com/apache/shiro/pull/1696
• chore(deps): bump mockito.version from 5.12.0 to 5.13.0 by @dependabot in https://github.com/apache/shiro/pull/1704
• chore(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in https://github.com/apache/shiro/pull/1706
• chore(deps): bump bytebuddy.version from 1.15.0 to 1.15.1 by @dependabot in https://github.com/apache/shiro/pull/1705
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.18.0 to 10.18.1 by @dependabot in https://github.com/apache/shiro/pull/1707
• chore(deps): bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by @dependabot in https://github.com/apache/shiro/pull/1708
• chore(deps): bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in https://github.com/apache/shiro/pull/1710
• chore(deps): bump org.yaml:snakeyaml from 2.2 to 2.3 by @dependabot in https://github.com/apache/shiro/pull/1711
• chore(deps): bump org.omnifaces:omnifaces from 3.14.5 to 3.14.6 by @dependabot in https://github.com/apache/shiro/pull/1713
• chore(deps): bump org.owasp:dependency-check-maven from 10.0.3 to 10.0.4 by @dependabot in https://github.com/apache/shiro/pull/1712
• chore(deps): bump org.codehaus.mojo:buildnumber-maven-plugin from 3.2.0 to 3.2.1 by @dependabot in https://github.com/apache/shiro/pull/1716
• chore(deps): bump jetty.version from 9.4.55.v20240627 to 9.4.56.v20240826 by @dependabot in https://github.com/apache/shiro/pull/1718
• chore(deps): bump actions/setup-java from 4.2.2 to 4.3.0 by @dependabot in https://github.com/apache/shiro/pull/1719
• chore(deps): bump log4j.version from 2.23.1 to 2.24.0 by @dependabot in https://github.com/apache/shiro/pull/1721
• chore(deps-dev): bump tomcat.version from 10.1.28 to 10.1.29 by @dependabot in https://github.com/apache/shiro/pull/1723
• chore(deps): bump groovy.version from 4.0.22 to 4.0.23 by @dependabot in https://github.com/apache/shiro/pull/1724
• chore(deps): bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in https://github.com/apache/shiro/pull/1725
• chore(deps-dev): bump tomcat.version from 10.1.29 to 10.1.30 by @dependabot in https://github.com/apache/shiro/pull/1729
• chore(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in https://github.com/apache/shiro/pull/1760
• deps: updated Spring to 3.3.4 / 6.1.13 by @lprimak in https://github.com/apache/shiro/pull/1761
• chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.4 to 5.5.5 by @dependabot in https://github.com/apache/shiro/pull/1763
• chore(deps): bump org.codehaus.mojo:jdepend-maven-plugin from 2.0 to 2.1 by @dependabot in https://github.com/apache/shiro/pull/1767
• chore(deps): bump actions/setup-java from 4.3.0 to 4.4.0 by @dependabot in https://github.com/apache/shiro/pull/1764
• chore(deps): bump bytebuddy.version from 1.15.1 to 1.15.2 by @dependabot in https://github.com/apache/shiro/pull/1769
• chore(deps): bump com.mycila:license-maven-plugin from 4.5 to 4.6 by @dependabot in https://github.com/apache/shiro/pull/1771
• chore(deps-dev): bump junit.engine.version from 1.11.0 to 1.11.1 by @dependabot in https://github.com/apache/shiro/pull/1770
• chore(deps): bump junit.version from 5.11.0 to 5.11.1 by @dependabot in https://github.com/apache/shiro/pull/1772
• chore(deps): bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in https://github.com/apache/shiro/pull/1773
• chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in https://github.com/apache/shiro/pull/1775
• chore(deps): bump mockito.version from 5.13.0 to 5.14.0 by @dependabot in https://github.com/apache/shiro/pull/1777
• chore(deps): bump bytebuddy.version from 1.15.2 to 1.15.3 by @dependabot in https://github.com/apache/shiro/pull/1778
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.18.1 to 10.18.2 by @dependabot in https://github.com/apache/shiro/pull/1784
• chore(deps): bump mockito.version from 5.14.0 to 5.14.1 by @dependabot in https://github.com/apache/shiro/pull/1782
• chore(deps): bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in https://github.com/apache/shiro/pull/1779
• chore(deps): bump log4j.version from 2.24.0 to 2.24.1 by @dependabot in https://github.com/apache/shiro/pull/1783
• chore(deps): bump org.apache.maven.skins:maven-fluido-skin from 2.0.0-M10 to 2.0.0-M11 by @dependabot in https://github.com/apache/shiro/pull/1785
• chore(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.2 to 4.0.1 by @dependabot in https://github.com/apache/shiro/pull/1790
• chore(deps): bump github/codeql-action from 3.26.10 to 3.26.11 by @dependabot in https://github.com/apache/shiro/pull/1791
• chore(deps-dev): bump junit.engine.version from 1.11.1 to 1.11.2 by @dependabot in https://github.com/apache/shiro/pull/1793
• chore(deps): bump junit.version from 5.11.1 to 5.11.2 by @dependabot in https://github.com/apache/shiro/pull/1792
• chore(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in https://github.com/apache/shiro/pull/1794
• chore(deps): bump actions/cache from 4.0.2 to 4.1.0 by @dependabot in https://github.com/apache/shiro/pull/1795
• chore(deps-dev): bump org.junit-pioneer:junit-pioneer from 2.2.0 to 2.3.0 by @dependabot in https://github.com/apache/shiro/pull/1802
• chore(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by @dependabot in https://github.com/apache/shiro/pull/1796
• chore(deps): bump actions/upload-artifact from 4.4.0 to 4.4.1 by @dependabot in https://github.com/apache/shiro/pull/1797
• chore(deps): bump actions/cache from 4.1.0 to 4.1.1 by @dependabot in https://github.com/apache/shiro/pull/1803
• chore(deps): bump actions/upload-artifact from 4.4.1 to 4.4.3 by @dependabot in https://github.com/apache/shiro/pull/1805
• chore(deps): bump bytebuddy.version from 1.15.3 to 1.15.4 by @dependabot in https://github.com/apache/shiro/pull/1807
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10.3 to 3.11.0 by @dependabot in https://github.com/apache/shiro/pull/1813
• chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.1.0 to 3.2.0 by @dependabot in https://github.com/apache/shiro/pull/1812
• chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.5 to 5.5.6 by @dependabot in https://github.com/apache/shiro/pull/1811
• chore(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in https://github.com/apache/shiro/pull/1816
• chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.2.0 to 3.2.1 by @dependabot in https://github.com/apache/shiro/pull/1814
• chore(deps): bump mockito.version from 5.14.1 to 5.14.2 by @dependabot in https://github.com/apache/shiro/pull/1818
• chore(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.11.0 to 3.11.1 by @dependabot in https://github.com/apache/shiro/pull/1817
• chore(deps): bump bytebuddy.version from 1.15.4 to 1.15.5 by @dependabot in https://github.com/apache/shiro/pull/1821
• chore(deps-dev): bump junit.engine.version from 1.11.2 to 1.11.3 by @dependabot in https://github.com/apache/shiro/pull/1827
• chore(deps): bump org.owasp:dependency-check-maven from 10.0.4 to 11.0.0 by @dependabot in https://github.com/apache/shiro/pull/1828
• chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.5.0 to 3.5.1 by @dependabot in https://github.com/apache/shiro/pull/1825
• chore(deps): bump junit.version from 5.11.2 to 5.11.3 by @dependabot in https://github.com/apache/shiro/pull/1824
• chore(deps): bump org.htmlunit:htmlunit from 4.4.0 to 4.5.0 by @dependabot in https://github.com/apache/shiro/pull/1826
• chore(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in https://github.com/apache/shiro/pull/1834
• chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.4.1 to 3.5.0 by @dependabot in https://github.com/apache/shiro/pull/1833
• chore(deps): bump actions/cache from 4.1.1 to 4.1.2 by @dependabot in https://github.com/apache/shiro/pull/1835
• chore(deps): bump org.jboss.shrinkwrap.resolver:shrinkwrap-resolver-bom from 3.3.1 to 3.3.2 by @dependabot in https://github.com/apache/shiro/pull/1837
• chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in https://github.com/apache/shiro/pull/1839
• chore(deps): bump bytebuddy.version from 1.15.5 to 1.15.7 by @dependabot in https://github.com/apache/shiro/pull/1836
• chore(deps): bump actions/setup-java from 4.4.0 to 4.5.0 by @dependabot in https://github.com/apache/shiro/pull/1840
• chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.5.0 to 3.6.0 by @dependabot in https://github.com/apache/shiro/pull/1842
• chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.5.0 to 3.6.0 by @dependabot in https://github.com/apache/shiro/pull/1841
• chore(deps): bump org.quartz-scheduler:quartz from 2.5.0-rc1 to 2.5.0-rc2 by @dependabot in https://github.com/apache/shiro/pull/1843
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.18.2 to 10.19.0 by @dependabot in https://github.com/apache/shiro/pull/1847
• chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.25.0 to 3.26.0 by @dependabot in https://github.com/apache/shiro/pull/1848
• chore(deps): bump org.owasp:dependency-check-maven from 11.0.0 to 11.1.0 by @dependabot in https://github.com/apache/shiro/pull/1853
• chore(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.78.1 to 1.79 by @dependabot in https://github.com/apache/shiro/pull/1852
• chore(deps): bump com.puppycrawl.tools:checkstyle from 10.19.0 to 10.20.0 by @dependabot in https://github.com/apache/shiro/pull/1854
• chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 by @dependabot in https://github.com/apache/shiro/pull/1856
• chore(deps): bump bytebuddy.version from 1.15.7 to 1.15.10 by @dependabot in https://github.com/apache/shiro/pull/1855
• chore(deps): bump org.apache.maven.skins:maven-fluido-skin from 2.0.0-M11 to 2.0.0 by @dependabot in https://github.com/apache/shiro/pull/1864
• chore(deps): bump org.htmlunit:htmlunit from 4.5.0 to 4.6.0 by @dependabot in https://github.com/apache/shiro/pull/1865

• @minchai23 made their first contribution in https://github.com/apache/shiro/pull/1498

Full Changelog: https://github.com/apache/shiro/compare/shiro-root-2.0.1...shiro-root-2.0.2