JavaGolangJavaScriptSwiftAndroidMiddleware
3 hours ago
spring-security
spring-projects

7.0.0-M3

⏪ Breaking Changes

  • Remove PortResolver #17524
  • Support Expression Templates by Default #17763

⭐ New Features

  • Add discoverJwsAlgorithms() in NimbusJwtDecoder #17788
  • Add AuthorizationManagerFactory #17673
  • Add Builders for all Authentication implementations #17861
  • Add OneTimeTokenAuthentication #17799
  • Add option to disable anonymous authentication in RSocketSecurity #17159
  • Add password4j implementation of PasswordEncoder #17825
  • Add SecurityAssertions #17844
  • Align NimbusJwtDecoder HTTP timeout defaults with Nimbus by setting to 500ms #17669
  • Allow multiple ServerLogoutHandler instances in ServerHttpSecurity #17381
  • Allow specifying a ServerAuthenticationConverter for x509() #17382
  • AuthenticatedMatcher#withRoles should only check roles #17843
  • Change @Bean method signature to return RsaKeyConversionServicePostProcessor instead of BeanFactoryPostProcessor #17672
  • Enable Null checking in spring-security-cas via JSpecify #17826
  • Enable Null checking in spring-security-data via JSpecify #17789
  • Enable Null checking in spring-security-messaging via JSpecify #17817
  • Enable Null checking in spring-security-rsocket via JSpecify #17827
  • Enable Null checking in spring-security-taglibs via JSpecify #17828
  • Enable Null checking in spring-security-test via JSpecify #17840
  • Enable Null checking in spring-security-webauthn via JSpecify #17839
  • Integrate Spring Authorization Server #17880
  • Move Access API to Separate Module #17847
  • Move Spring Security Kerberos Extension into Spring Security #17879
  • Propagate Authorities From Previous Authentications #17862
  • Remove PortResolver #15971
  • Remove redundant code in document #17813
  • RequestMatchers should implement equals and hashCode #17842
  • SpringTestContext should register a WebTestClient Bean #17780
  • Support @ClientRegistrationId at Class Level #17838
  • Support Modular Spring Security Configuration #16258

🪲 Bug Fixes

  • APIs should Use Supplier<? extends @Nullable Authentication> #17814
  • AuthorizationManager should allow null Authentication #17795

🔨 Dependency Upgrades

  • Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17872
  • Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17834
  • Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17856
  • Bump io.projectreactor:reactor-bom from 2025.0.0-M6 to 2025.0.0-M7 #17866
  • Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.2 to 0.0.3 #17765
  • Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.3 to 0.0.4 #17776
  • Bump org-opensaml5 from 5.1.5 to 5.1.6 #17809
  • Bump org.jetbrains.kotlin:kotlin-bom from 2.2.0 to 2.2.20 #17871
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.2.0 to 2.2.20 #17873
  • Bump org.springframework.data:spring-data-bom from 2025.1.0-M5 to 2025.1.0-M6 #17888
  • Bump org.springframework:spring-framework-bom from 7.0.0-M8 to 7.0.0-M9 #17876

🔩 Build Updates

  • Bump @antora/atlas-extension from 1.0.0-alpha.2 to 1.0.0-alpha.5 in /docs #17886
  • Fix misleading variable name in authentication filter #17751
  • Remove unused import #17750

❤️ Contributors

Thank you to all the contributors who worked on this release:

@bbudano, @blake-bauman, @frido37, @jaehwan02, @jzheaux, @kse-music, @mehrdadbozorgmehr, @ngocnhan-tran1996, @quaff, @sjohnr, and @therepanic

3 hours ago
spring-security
spring-projects

6.5.4

⭐ New Features

  • Update servlet test method docs to use include-code #17749

🪲 Bug Fixes

  • Annonation Scanning Should Fallback to Object when Parameter Matching #17899
  • Fix double-slash when basePath is root #17841
  • Fix traceId discrepancy in case error in servlet web #17796
  • Reference should advise avoiding post-authorization on writes #17798

🔨 Dependency Upgrades

  • Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17893
  • Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17874
  • Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17895
  • Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17854
  • Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17836
  • Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17894
  • Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17858
  • Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17767
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17766
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17759
  • Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #17853
  • Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #17837
  • Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #17896
  • Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #17897
  • Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17855
  • Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17791
  • Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17771
  • Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17758
  • Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #17773

❤️ Contributors

Thank you to all the contributors who worked on this release:

@jkuhel and @therepanic

4 hours ago
spring-security
spring-projects

6.4.10

🪲 Bug Fixes

  • Annonation Scanning Should Fallback to Object when Parameter Matching #17898
  • Fix traceId discrepancy in case error in servlet web #17134
  • Reference should advise avoiding post-authorization on writes #17797
  • Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests #17869

🔨 Dependency Upgrades

  • Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17792
  • Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17778
  • Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17769
  • Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17892
  • Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17857
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17777
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17768
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17755
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17851
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17835
  • Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #17890
  • Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #17891
  • Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17889
  • Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17877
  • Update to nimbus-jose-jwt:9.37.4 #17875

❤️ Contributors

Thank you to all the contributors who worked on this release:

@nkonev

4 hours ago
Activiti
Activiti

7.20.0-rc.619

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.618...7.20.0-rc.619

4 hours ago
Activiti
Activiti

7.20.0-rc.618

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.617...7.20.0-rc.618

6 hours ago
Activiti
Activiti

7.20.0-rc.617

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.616...7.20.0-rc.617

7 hours ago
ip2region
lionsoul2014

v3.2.0-release

  1. PHP binding 提供了对 IPv6 的查询支持,具体使用文档请参考 PHP Binding,测试方式如下:
➜  php git:(master) php search_test.php --db=../../data/ip2region_v6.xdb
ip2region xdb searcher test program
source xdb file: ../../data/ip2region_v6.xdb (IPv6, vectorIndex)
type 'quit' to exit
ip2region>> ::
{region: |||, ioCount: 2, took: 0.03223 ms}
ip2region>> 2001:3:ffff:ffff:ffff:ffff:ffff:ffff
{region: 美国|加利福尼亚州|洛杉矶|专线用户, ioCount: 21, took: 0.06592 ms}
ip2region>> 240e:3b7:3272:d8d0:3b7b:3ee0:1d39:848
{region: 中国|广东省|深圳市|家庭宽带, ioCount: 14, took: 0.05078 ms}
  1. php binding 实现引入了命名空间 \ip2region\xdb 来进行管理,将具体的实现封装到了四个核心类,具体如下:
类名 描述
Util 全部的工具类函数都封装在这个类中,例如:parseIP / loadHeader / loadVectorIndex 等等。
IPv4 / IPv6 IP版本管理类,拆异化的 IPv4/IPv6 管理。
Searcher xdb 查询的具体实现封装,主要提供了 search(string) 和 searchByBytes(bytes) 两个查询接口。
  1. PHP 使用引入方式如下:
// 引入 xdb 类包,require 或者 autoload 对应的 class.
require 'xdb/Searcher.class.php'; 

// use 申明
use \ip2region\xdb\Util;
use \ip2region\xdb\{IPv4, IPv6};
use \ip2region\xdb\Searcher;

// 类的使用请参考 php binding 的 ReadMe
  1. 查询平均耗时:Razer 笔记本 / Ubuntu (电源均衡模式) + SATA SSD / VectorIndex 缓存,bench 结果如下:
➜  php git:(master) php bench_test.php --db=../../data/ip2region_v6.xdb --src=../../data/ipv6_source.txt
Bench finished, {cachePolicy: vectorIndex, total: 34159862, took: 1587s, cost: 0.046 ms/op}

341.6万个 IPv6 平均查询耗时为 46 微秒/次。

8 hours ago
Activiti
Activiti

7.20.0-rc.616

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.615...7.20.0-rc.616

9 hours ago
Activiti
Activiti

7.20.0-rc.615

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.614...7.20.0-rc.615

11 hours ago
Activiti
Activiti

7.20.0-rc.614

Full Changelog: https://github.com/Activiti/Activiti/compare/7.20.0-rc.613...7.20.0-rc.614