7.0.0-RC3
WebAuthnAuthenticationFilteris not getting post-processed byEnableMfaFiltersPostProcessor#18128- AOT hints for authorization server Jackson 3 types should be registered #18146
- JdbcRegisteredClientRepository should support Jackson 3 #18143
- RequestHeaderAuthenticationFilter#getPreAuthenticatedPrincipal should be declared
@Nullable#18046
7.0.0-RC1
- Align setRetrieveUserInfo() between OidcUserService and OidcReactiveOAuth2UserService #18057
- Consider disabling device_code grant by default #17998
- Enable PKCE by default #17507
- Enable PKCE by default in authorization server #18020
- Favor Relative Redirects by Default #16300
- Remove cache from (Reactive)OidcIdTokenDecoderFactory #16647
- Remove OidcUserService.setAccessibleScopes() #18056
- Remove setOidcUserMapper() in OidcUserService and OidcReactiveOAuth2UserService #18060
- Remove unnecessary throws Exception from spring-security-config #17957
- Add
@EnableGlobalMultiFactorAuthentication#17954 - Add
GrantedAuthorities.FACTOR_*_AUTHORITY#17952 - Add
RequiredFactor.Builder.Authority()#18033 - Add
TestingAuthenticationToken(Object principal,Object credential,String... authorities)#17980 - Add AccessDeniedHandler that Ties Authorities to Authentication Entry Points #17934
- Add AllAuthorities(Reactive)AuthorizationManager #17916
- Add AllFactorsAuthorizationManager #17997
- Add DefaultAuthorizationManagerFactory.additionalAuthorization #17942
- Add FactorGrantedAuthority #17996
- Add Jackson 3 support and deprecate Jackson 2 one #17832
- Add Predicate for authorizationConsentRequired for device code grant #18016
- Add RequiredAuthoritiesAuthorizationManager #18028
- Add SecurityMockMvcResultMatchers.withAuthorities(String...) #17974
- Add support for OAuth 2.0 Dynamic Client Registration Protocol #17964
- AllFactorsAuthorizationManager -> AllRequiredFactorsAuthorizationManager #18031
- Allow OAuth2AuthorizationRequest to be extended #18049
- Authentication should use FactorGrantedAuthority #18001
- Create AuthorizationManagerFactories.multiFactor #18032
- Default Login Page Should Pre-populate Username Field If Already Logged In #17935
- DelegatingAuthenticationEntryPoint should use RequestMatcherEntry #17915
- DelegatingMissingAuthorityAccessDeniedHandler Should Use RequiredFactorErrors #18002
- Document Multi-Factor Simple to Complex #18029
- Fix-typos #18035
- HttpSecurity should allow for
AuthorizationManager<? super RequestAuthorizationContext>#17931 - Implement OAuth 2.0 Protected Resource Metadata #17244
- Improve Passivity when Merging Authorities #18052
- Providers Should Add an Authority Representing Successful Authentication #17933
- Security Expressions Should Allow Returning an AuthorizationManager #17936
- Support Automatically Checking for Required Authorities in Authorization Rules #17900
- Support injecting clock into token generation code #18017
- Use
AuthorizationManagerFactoryin Kotlin DSL #17860
- DelegatingAuthenticationEntryPoint.Builder should not throw exception when default entry point is specified #17955
- Deprecate
CacheControlServerHttpHeadersWriter.CACHE_CONTRTOL_VALUE#18058 - Fix typo in AuthenticationProvider Javadoc #17967
- HttpSecurity.oauth2AuthorizationServer should not automatically set
HttpSecurity.securityMatcher#17965 - Mismatch Between DefaultLoginPageGeneratingFilter and DelegatingMissingAuthorityAccessDeniedHandler #18000
- Move FACTOR_ constants to FactorGrantedAuthority #18030
- Prevent Duplicate
GrantedAuthority#getAuthority()at time of Authentication #17981 - ProviderManager.copyDetails Changes Authentication to new Type #18027
- Update terminology to HTTP Service Clients #17947
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 #18079
- Bump com.password4j:password4j from 1.8.2 to 1.8.4 #17904
- Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE #17982
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 #18043
- Bump io.mockk:mockk from 1.14.5 to 1.14.6 #17983
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.5 to 0.0.6 #18055
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #17903
- Bump org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.5.1 #17970
- Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 #17949
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 #17943
- Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.15 #18064
- Update JUnit 6.0.0 #18040
- Update to Reactor 2025.0.0-RC1 #18087
- Update to Spring Data 2025.1.0-RC1 #18085
- Update to Spring Framework 7.0.0-RC1 #18084
- Update to Spring LDAP 4.0.0-RC1 #18086
- Bump antora from 3.2.0-alpha.9 to 3.2.0-alpha.10 in /docs #18009
- Remove Deprecations #13068
- Update to Reactor 2025.0.0-SNAPSHOT #18041
Thank you to all the contributors who worked on this release:
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17911
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17914
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17905
- Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17906
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17907
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17908
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17909
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17910
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17912
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17913
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17903
- Bump com.password4j:password4j from 1.8.2 to 1.8.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17904
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17917
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17918
- Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17919
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17920
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17921
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17922
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17923
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17924
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17925
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17926
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17929
- Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17937
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17943
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17945
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17930
- Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17938
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17944
- Add DefaultAuthorizationManagerFactory.additionalAuthorization by @therepanic in https://github.com/spring-projects/spring-security/pull/17942
- Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17949
- Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17950
- Bump org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.5.1 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17970
- Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17977
- Bump io.mockk:mockk from 1.14.5 to 1.14.6 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17984
- Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17985
- Bump org.hibernate.orm:hibernate-core from 6.6.29.Final to 6.6.31.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18010
- Bump org.hibernate.orm:hibernate-core from 6.6.29.Final to 6.6.31.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18011
- Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17978
- Bump io.mockk:mockk from 1.14.5 to 1.14.6 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17983
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.4 to 0.0.5 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17992
- Bump ch.qos.logback:logback-classic from 1.5.18 to 1.5.19 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17976
- Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/17982
- Bump antora from 3.2.0-alpha.9 to 3.2.0-alpha.10 in /docs by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18009
- Enhancements to Authentication#toBuilder by @jzheaux in https://github.com/spring-projects/spring-security/pull/18050
- Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18038
- Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18039
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18044
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18045
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18043
- Fix typo in AuthenticationProvider Javadoc by @parthokr in https://github.com/spring-projects/spring-security/pull/17967
- Fix-typos by @ngocnhan-tran1996 in https://github.com/spring-projects/spring-security/pull/18035
- Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.15 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18064
- Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18065
- Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18068
- Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18067
- Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18066
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.5 to 0.0.6 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18055
- Add Jackson 3 support and deprecate Jackson 2 one by @sdeleuze in https://github.com/spring-projects/spring-security/pull/17832
- Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18081
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18080
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18082
- Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18083
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 by @dependabot[bot] in https://github.com/spring-projects/spring-security/pull/18079
- @parthokr made their first contribution in https://github.com/spring-projects/spring-security/pull/17967
- @sdeleuze made their first contribution in https://github.com/spring-projects/spring-security/pull/17832
Full Changelog: https://github.com/spring-projects/spring-security/compare/7.0.0-M3...7.0.0-RC1
6.5.6
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 #18082
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17930
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17929
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 #18045
- Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 #17950
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 #17945
- Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final #18039
- Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 #18083
- Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 #18067
- Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 #18068
6.4.12
- Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 #18080
- Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE #17985
- Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 #18044
- Bump io.mockk:mockk from 1.14.5 to 1.14.6 #17984
- Bump org.gretty:gretty from 4.1.7 to 4.1.10 #17944
- Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final #18038
- Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 #18081
- Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 #18065
- Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 #18066
6.4.11
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17921
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17909
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #17918
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #17905
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #17917
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #17907
- Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #17919
- Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #17906
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17920
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17908
6.5.5
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17922
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17911
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #17923
- Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #17910
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #17924
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #17913
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #17925
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #17912
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17926
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17914
7.0.0-M3
- Add
discoverJwsAlgorithms()inNimbusJwtDecoder#17788 - Add AuthorizationManagerFactory #17673
- Add Builders for all Authentication implementations #17861
- Add OneTimeTokenAuthentication #17799
- Add option to disable anonymous authentication in
RSocketSecurity#17159 - Add password4j implementation of PasswordEncoder #17825
- Add SecurityAssertions #17844
- Align NimbusJwtDecoder HTTP timeout defaults with Nimbus by setting to 500ms #17669
- Allow multiple ServerLogoutHandler instances in ServerHttpSecurity #17381
- Allow specifying a ServerAuthenticationConverter for x509() #17382
- AuthenticatedMatcher#withRoles should only check roles #17843
- Change
@Beanmethod signature to return RsaKeyConversionServicePostProcessor instead of BeanFactoryPostProcessor #17672 - Enable Null checking in spring-security-cas via JSpecify #17826
- Enable Null checking in spring-security-data via JSpecify #17789
- Enable Null checking in spring-security-messaging via JSpecify #17817
- Enable Null checking in spring-security-rsocket via JSpecify #17827
- Enable Null checking in spring-security-taglibs via JSpecify #17828
- Enable Null checking in spring-security-test via JSpecify #17840
- Enable Null checking in spring-security-webauthn via JSpecify #17839
- Integrate Spring Authorization Server #17880
- Move Access API to Separate Module #17847
- Move Spring Security Kerberos Extension into Spring Security #17879
- Propagate Authorities From Previous Authentications #17862
- Remove PortResolver #15971
- Remove redundant code in document #17813
- RequestMatchers should implement equals and hashCode #17842
- SpringTestContext should register a WebTestClient Bean #17780
- Support
@ClientRegistrationIdat Class Level #17838 - Support Modular Spring Security Configuration #16258
- APIs should Use
Supplier<? extends@NullableAuthentication>#17814 - AuthorizationManager should allow null Authentication #17795
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17872
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17834
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17856
- Bump io.projectreactor:reactor-bom from 2025.0.0-M6 to 2025.0.0-M7 #17866
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.2 to 0.0.3 #17765
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.3 to 0.0.4 #17776
- Bump org-opensaml5 from 5.1.5 to 5.1.6 #17809
- Bump org.jetbrains.kotlin:kotlin-bom from 2.2.0 to 2.2.20 #17871
- Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 2.2.0 to 2.2.20 #17873
- Bump org.springframework.data:spring-data-bom from 2025.1.0-M5 to 2025.1.0-M6 #17888
- Bump org.springframework:spring-framework-bom from 7.0.0-M8 to 7.0.0-M9 #17876
- Bump
@antora/atlas-extension from 1.0.0-alpha.2 to 1.0.0-alpha.5 in /docs #17886 - Fix misleading variable name in authentication filter #17751
- Remove unused import #17750
Thank you to all the contributors who worked on this release:
@bbudano, @blake-bauman, @frido37, @jaehwan02, @jzheaux, @kse-music, @mehrdadbozorgmehr, @ngocnhan-tran1996, @quaff, @sjohnr, and @therepanic
6.5.4
- Update servlet test method docs to use include-code #17749
- Annonation Scanning Should Fallback to Object when Parameter Matching #17899
- Fix double-slash when basePath is root #17841
- Fix traceId discrepancy in case error in servlet web #17796
- Reference should advise avoiding post-authorization on writes #17798
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17893
- Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #17874
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17895
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17854
- Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #17836
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17894
- Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #17858
- Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17767
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17766
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17759
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #17853
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #17837
- Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #17896
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #17897
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17855
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17791
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17771
- Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #17758
- Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #17773
Thank you to all the contributors who worked on this release:
@jkuhel and @therepanic
6.4.10
- Annonation Scanning Should Fallback to Object when Parameter Matching #17898
- Fix traceId discrepancy in case error in servlet web #17134
- Reference should advise avoiding post-authorization on writes #17797
- Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests #17869
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17792
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17778
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17769
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17892
- Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17857
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17777
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17768
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17755
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17851
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17835
- Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #17890
- Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #17891
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17889
- Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17877
- Update to nimbus-jose-jwt:9.37.4 #17875
Thank you to all the contributors who worked on this release:
@nkonev