Update dependency org.springframework.security:spring-security-test to v6.5.9

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
org.springframework.security:spring-security-test (source)	6.3.4 → 6.5.9

---

Release Notes

spring-projects/spring-security (org.springframework.security:spring-security-test)

v6.5.9

Compare Source

⭐ New Features

• Update Link to CSRF Docs in FAQ #​18616

🪲 Bug Fixes

• Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #​18544
• saveAuthenticationRequest should read relayState from authenticationRequest #​18872
• Add Missing OnCommitedResponseWrapper Header Overrides #​18798
• Clarify Resource Server startup expectations #​18518
• Correct Reference to Clear-Site-Data Directive enum #​18273
• Fix CookieRequestCache parameters #​18857
• Fix Flaky Crypto Tests #​18841
• Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #​18896

🔨 Dependency Upgrades

• Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #​18854
• Bump actions/upload-artifact from 6.0.0 to 7.0.0 #​18809
• Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #​18749
• Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #​18779
• Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #​18876
• Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #​18750
• Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #​18791
• Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #​18860
• Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #​18886
• Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #​18780
• Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #​18829
• Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #​18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Hann244, @​Khyojae, @​ghusta, @​itsmevichu, @​qihaiyan, @​rwinch, @​therepanic, and @​ziqin

v6.5.8

Compare Source

⭐ New Features

• Add @FunctionalInterface to RequestMatcher #​18337
• Spring Security 7 should provide migration path from request-matcher="ant" #​18211
• Stop deploying JavaDoc outside of Antora #​18199

🪲 Bug Fixes

• Add Missing Migration Pages to Navigation #​18313
• Create SHA-1 MessageDigest for every new check request in Compromised Password Checker #​18235
• Fix typo in "Preparing for 7.0" in reference to PathPatternRequestMatcher #​18336
• Fix typo in AnnotationTemplateExpressionDefaults documentation #​18176
• Fix typos in documentation depenendencies->dependencies #​18208

🔨 Dependency Upgrades

• Bump @antora/atlas-extension from 1.0.0-alpha.2 to 1.0.0-alpha.5 in /docs #​18675
• Bump @antora/collector-extension from 1.0.1 to 1.0.2 in /docs #​18677
• Bump @springio/antora-extensions from 1.14.4 to 1.14.7 in /docs #​18676
• Bump antora from 3.2.0-alpha.8 to 3.2.0-alpha.11 in /docs #​18679
• Bump ch.qos.logback:logback-classic from 1.5.20 to 1.5.21 #​18192
• Bump ch.qos.logback:logback-classic from 1.5.21 to 1.5.22 #​18321
• Bump ch.qos.logback:logback-classic from 1.5.22 to 1.5.24 #​18387
• Bump ch.qos.logback:logback-classic from 1.5.24 to 1.5.25 #​18525
• Bump ch.qos.logback:logback-classic from 1.5.25 to 1.5.26 #​18591
• Bump ch.qos.logback:logback-classic from 1.5.26 to 1.5.27 #​18631
• Bump ch.qos.logback:logback-classic from 1.5.27 to 1.5.28 #​18678
• Bump ch.qos.logback:logback-classic from 1.5.28 to 1.5.29 #​18710
• Bump gradle-wrapper from 8.14 to 8.14.4 #​18704
• Bump io.micrometer:context-propagation from 1.1.3 to 1.1.4 #​18703
• Bump io.micrometer:micrometer-observation from 1.14.13 to 1.14.14 #​18279
• Bump io.mockk:mockk from 1.14.6 to 1.14.7 #​18275
• Bump io.projectreactor:reactor-bom from 2024.0.12 to 2024.0.13 #​18293
• Bump io.projectreactor:reactor-bom from 2024.0.13 to 2024.0.14 #​18495
• Bump io.projectreactor:reactor-bom from 2024.0.14 to 2024.0.15 #​18716
• Bump io.spring.develocity.conventions from 0.0.24 to 0.0.25 #​18535
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.14 #​18724
• Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 #​18670
• Bump org-apache-maven-resolver from 1.9.24 to 1.9.25 #​18292
• Bump org-aspectj from 1.9.25 to 1.9.25.1 #​18329
• Bump org.apache.maven:maven-resolver-provider from 3.9.11 to 3.9.12 #​18352
• Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 #​18590
• Bump org.hibernate.orm:hibernate-core from 6.6.34.Final to 6.6.36.Final #​18193
• Bump org.hibernate.orm:hibernate-core from 6.6.36.Final to 6.6.38.Final #​18241
• Bump org.hibernate.orm:hibernate-core from 6.6.38.Final to 6.6.39.Final #​18308
• Bump org.hibernate.orm:hibernate-core from 6.6.39.Final to 6.6.40.Final #​18351
• Bump org.hibernate.orm:hibernate-core from 6.6.40.Final to 6.6.41.Final #​18524
• Bump org.hibernate.orm:hibernate-core from 6.6.41.Final to 6.6.42.Final #​18632
• Bump org.springframework.data:spring-data-bom from 2024.1.12 to 2024.1.13 #​18320
• Bump org.springframework.ldap:spring-ldap-core from 3.2.15 to 3.2.16 #​18322
• Bump org.springframework:spring-framework-bom from 6.2.13 to 6.2.14 #​18206
• Bump org.springframework:spring-framework-bom from 6.2.14 to 6.2.15 #​18323
• Bump org.springframework:spring-framework-bom from 6.2.15 to 6.2.16 #​18731
• Bump spring-io/spring-doc-actions from 0.0.20 to 0.0.22 #​18649
• Update Antora UI Spring to v0.4.25 #​18402

🔩 Build Updates

• Remove unnecessary Gradle wrapper from buildSrc #​18692

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​garvit-joshi, @​ghusta, @​kucoll, and @​rwinch

v6.5.7

Compare Source

⭐ New Features

• Add Include-Code for the Password Storage page #​18054
• Default WebAuthnConfigurer#rpName to rpId #​18131
• Document effects of disabling CORS #​18129

🪲 Bug Fixes

• typ values should not be case-sensitive in JwtTypeValidator #​18101
• BCryptPasswordEncoderTests should password limit of 72 bytes #​18136
• Fix GenerateOneTimeTokenRequestResolver ignored if username param not present #​18074
• GenerateOneTimeTokenFilter should not attempt to generate a token with a null token request #​18088

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 #​18110
• Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 #​18149
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 #​18141
• Bump org-aspectj from 1.9.24 to 1.9.25 #​18142
• Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final #​18111
• Update to Reactor 2024.0.12 #​18181
• Update to Spring Data 2024.1.12 #​18182
• Update to Spring Framework 6.2.13 #​18180

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​himanshu-pareek, @​marcusdacoregio, and @​namest504

v6.5.6

Compare Source

🔨 Dependency Upgrades

• Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 #​18082
• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #​17930
• Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #​17929
• Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 #​18045
• Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 #​17950
• Bump org.gretty:gretty from 4.1.7 to 4.1.10 #​17945
• Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final #​18039
• Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 #​18083
• Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 #​18067
• Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 #​18068

v6.5.5

Compare Source

🔨 Dependency Upgrades

• Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #​17922
• Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #​17911
• Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #​17923
• Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #​17910
• Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #​17924
• Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #​17913
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #​17925
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #​17912
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17926
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17914

v6.5.4

Compare Source

⭐ New Features

• Update servlet test method docs to use include-code #​17749

🪲 Bug Fixes

• Annonation Scanning Should Fallback to Object when Parameter Matching #​17899
• Fix double-slash when basePath is root #​17841
• Fix traceId discrepancy in case error in servlet web #​17796
• Reference should advise avoiding post-authorization on writes #​17798

🔨 Dependency Upgrades

• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #​17893
• Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #​17874
• Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #​17895
• Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #​17854
• Bump com.webauthn4j:webauthn4j-core from 0.29.5.RELEASE to 0.29.6.RELEASE #​17836
• Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #​17894
• Bump io.micrometer:micrometer-observation from 1.14.10 to 1.14.11 #​17858
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #​17767
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #​17766
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #​17759
• Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #​17853
• Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.28.Final #​17837
• Bump org.hibernate.orm:hibernate-core from 6.6.26.Final to 6.6.29.Final #​17896
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.10 #​17897
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #​17855
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #​17791
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #​17771
• Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9 #​17758
• Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #​17773

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​jkuhel and @​therepanic

v6.5.3

Compare Source

⭐ New Features

• Add META-INF/LICENSE.txt to published jars #​17639
• Update Angular documentation links in csrf.adoc #​17653
• Update Shibboleth Repository URL #​17637
• Use 2004-present Copyright #​17634

🪲 Bug Fixes

• Add Missing Navigation in Preparing for 7.0 Guide #​17731
• DPoP authentication throws JwtDecoderFactory ClassNotFoundException #​17249
• OpenSamlAssertingPartyDetails Should Be Serializable #​17727
• Use final values in equals and hashCode #​17621

🔨 Dependency Upgrades

• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #​17739
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #​17690
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #​17684
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #​17661
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #​17615
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #​17599
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17737
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17701
• Bump io.mockk:mockk from 1.14.4 to 1.14.5 #​17614
• Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 #​17647
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #​17733
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #​17711
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #​17612
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #​17598
• Bump org-eclipse-jetty from 11.0.25 to 11.0.26 #​17742
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #​17613
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #​17595
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #​17760
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #​17692
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #​17683
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #​17671
• Bump org.gretty:gretty from 4.1.6 to 4.1.7 #​17616
• Bump org.gretty:gretty from 4.1.6 to 4.1.7 #​17597
• Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final #​17646
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.24.Final #​17660
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #​17694
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #​17685
• Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.34.1 to 4.34.2 #​17650
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17645
• Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #​17757
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #​17651
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #​17596
• Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10 #​17735

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​codingtim

v6.5.2

Compare Source

🪲 Bug Fixes

• <websocket-message-broker> should pick up a bean named csrfChannelInterceptor #​17495
• Add 7.0 Migration Steps for Messaging PathPattern Usage #​17509
• EnableReactiveMethodSecurity should not import Servlet configuration #​17545
• Fix equals and hashCode in PathPatternRequestMatcher to include HTTP method #​17337
• Fix securityContextRepository() initialization in oauth2Login() DSL #​17557
• OAuth2Login DSL should support post-processing AuthenticationProvider implementations #​17176
• Websocket XML config should pick up PathPatternMessageMatcher.Builder #​17508

🔨 Dependency Upgrades

• Bump com.webauthn4j:webauthn4j-core from 0.29.3.RELEASE to 0.29.4.RELEASE #​17444
• Bump io-spring-javaformat from 0.0.46 to 0.0.47 [#​17470](#​17470
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 [#​17570](#​17570
• Bump io.mockk:mockk from 1.14.2 to 1.14.4 #​17467
• Bump io.mockk:mockk from 1.14.4 to 1.14.5 #​17572
• Bump org-apache-maven-resolver from 1.9.23 to 1.9.24 #​17469
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #​17555
• Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.20.Final #​17491
• Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.22.Final #​17571
• Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 #​17466
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17569
• Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 #​17468
• Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #​17481
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #​17568

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​fkowal and @​therepanic

v6.5.1

Compare Source

⭐ New Features

• Create demonstration of include-code usage #​17161
• Setup include-code extension for docs #​17160

🪲 Bug Fixes

• ClearSiteDataHeaderWriter log is misleading #​17166
• Fix to allow multiple AuthenticationFilter instances to process each request #​17216
• Inconsistent constructor declaration on bean with name '_reactiveMethodSecurityConfiguration' #​17210
• OAuth2ResourceServer using authenticationManagerResolver results in tokenAuthenticationManager cannot be null while startup #​17172
• Publishing a default TargetVisitor should not override Spring MVC support #​17189
• Use HttpStatus in back-channel logout filters #​17157

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #​17233
• Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE #​17192
• Bump io-spring-javaformat from 0.0.43 to 0.0.45 #​17152
• Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 #​17220
• Bump io.projectreactor:reactor-bom from 2023.0.18 to 2023.0.19 #​17232
• Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #​17204
• Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 #​17214
• Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final #​17184
• Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final #​17256
• Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 #​17257
• Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 #​17239
• Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #​17238

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​evgeniycheban

v6.5.0

Compare Source

⭐ New Features

• Add documentation for DPoP support #​17072
• Add logging to CsrfTokenRequestHandler implementations #​16994
• Add mapping for DPoP in DefaultMapOAuth2AccessTokenResponseConverter #​16806
• Bump Gradle Wrapper from 8.13 to 8.14 #​17018
• ClientRegistrations.fromIssuerLocation does not include failure information #​17015
• Fix Typo In SubjectDnX509PrincipalExtractorTests #​16997
• Implement internal cache in JtiClaimValidator #​17107
• Polish javadoc #​16924
• Remove unused classes #​16935
• Replace NimbusOpaqueTokenIntrospector with SpringOpaqueTokenIntrospector in Documentation #​16962
• RequestHeaderAuthenticationFilter creates a session even if not configured to do so #​17147

🪲 Bug Fixes

• Add FunctionalInterface To X509PrincipalExtractor #​16952
• Change NonNull import from reactor to spring #​16571
• Fix DPoP jkt claim to be JWK SHA-256 thumbprint #​17080
• Minor error in the Handling Logouts documentation #​17049
• SecurityAnnotationScanner's method comparison should use .equals #​17145
• Use proper configuration key in Opaque Token documentation #​17014

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.18.4 #​17069
• Bump com.fasterxml.jackson:jackson-bom from 2.18.3 to 2.19.0 #​16995
• Bump com.google.code.gson:gson from 2.13.0 to 2.13.1 #​16990
• Bump com.webauthn4j:webauthn4j-core from 0.29.0.RELEASE to 0.29.1.RELEASE #​17024
• Bump com.webauthn4j:webauthn4j-core from 0.29.1.RELEASE to 0.29.2.RELEASE #​17095
• Bump io.micrometer:micrometer-observation from 1.14.6 to 1.14.7 #​17096
• Bump io.mockk:mockk from 1.14.0 to 1.14.2 #​17019
• Bump io.projectreactor:reactor-bom from 2023.0.17 to 2023.0.18 #​17111
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.5 to 1.0.6 #​17040
• Bump org-apache-maven-resolver from 1.9.22 to 1.9.23 #​17088
• Bump org-eclipse-jetty from 11.0.24 to 11.0.25 #​16761
• Bump org.hibernate.orm:hibernate-core from 6.6.13.Final to 6.6.14.Final #​17089
• Bump org.hibernate.orm:hibernate-core from 6.6.14.Final to 6.6.15.Final #​17105
• Bump org.seleniumhq.selenium:selenium-java from 4.31.0 to 4.32.0 #​17037
• Bump org.springframework.data:spring-data-bom from 2024.1.4 to 2024.1.5 #​16981
• Bump org.springframework.data:spring-data-bom from 2024.1.5 to 2024.1.6 #​17137
• Bump org.springframework:spring-framework-bom from 6.2.6 to 6.2.7 #​17124

🔩 Build Updates

• Release 6.5.0 #​17138

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​dkowis, @​franticticktick, @​hammadirshad, @​jearton, @​ngocnhan-tran1996, @​quaff, and @​yybmion

v6.4.13

Compare Source

⭐ New Features

• Default WebAuthnConfigurer#rpName to rpId #​18115
• Document effects of disabling CORS #​18117

🪲 Bug Fixes

• BCryptPasswordEncoderTests should password limit of 72 bytes #​18133

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 #​18108
• Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 #​18148
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1.0.13 #​18140
• Bump org-aspectj from 1.9.24 to 1.9.25 #​18139
• Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final #​18109
• Update Spring Data 2024.1.12 #​18179
• Update to Reactor 2024.0.12 #​18178
• Update to Spring Framework 6.2.13 #​18177

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Kehrlann

v6.4.12

Compare Source

🔨 Dependency Upgrades

• Bump ch.qos.logback:logback-classic from 1.5.19 to 1.5.20 #​18080
• Bump com.webauthn4j:webauthn4j-core from 0.29.6.RELEASE to 0.29.7.RELEASE #​17985
• Bump io.micrometer:micrometer-observation from 1.14.11 to 1.14.12 #​18044
• Bump io.mockk:mockk from 1.14.5 to 1.14.6 #​17984
• Bump org.gretty:gretty from 4.1.7 to 4.1.10 #​17944
• Bump org.hibernate.orm:hibernate-core from 6.6.31.Final to 6.6.33.Final #​18038
• Bump org.springframework.data:spring-data-bom from 2024.1.10 to 2024.1.11 #​18081
• Bump org.springframework.ldap:spring-ldap-core from 3.2.14 to 3.2.15 #​18065
• Bump org.springframework:spring-framework-bom from 6.2.11 to 6.2.12 #​18066

v6.4.11

Compare Source

🔨 Dependency Upgrades

• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #​17921
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #​17909
• Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #​17918
• Bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4 #​17905
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #​17917
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #​17907
• Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #​17919
• Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #​17906
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17920
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17908

v6.4.10

Compare Source

🪲 Bug Fixes

• Annonation Scanning Should Fallback to Object when Parameter Matching #​17898
• Fix traceId discrepancy in case error in servlet web #​17134
• Reference should advise avoiding post-authorization on writes #​17797
• Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests #​17869

🔨 Dependency Upgrades

• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17792
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17778
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17769
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #​17892
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #​17857
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #​17777
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #​17768
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #​17755
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #​17851
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #​17835
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #​17890
• Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #​17891
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17889
• Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #​17877
• Update to nimbus-jose-jwt:9.37.4 #​17875

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​nkonev

v6.4.9

Compare Source

⭐ New Features

• Add META-INF/LICENSE.txt to published jars #​17638
• Update Angular documentation links in csrf.adoc #​17652
• Update Shibboleth Repository URL #​17636
• Use 2004-present Copyright #​17633

🪲 Bug Fixes

• OpenSamlAssertingPartyDetails Should Be Serializable #​17622

🔨 Dependency Upgrades

• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #​17611
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #​17604
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17756
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #​17699
• Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 #​17643
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #​17741
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #​17717
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #​17609
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #​17603
• Bump org-eclipse-jetty from 11.0.25 to 11.0.26 #​17736
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #​17607
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #​17602
• Bump org.gretty:gretty from 4.1.6 to 4.1.7 #​17641
• Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final #​17630
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.24.Final #​17659
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #​17695
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #​17680
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17696
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17682
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17642
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #​17600
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.9 #​17738
• Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #​17745
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #​17610
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #​17601
• Bump

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.