Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: spring-projects/spring-security
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: dc5aed9
Choose a base ref
...
head repository: spring-projects/spring-security
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 644901f
Choose a head ref
  • 17 commits
  • 9 files changed
  • 5 contributors

Commits on Oct 20, 2025

  1. Next Development Version

    @rwinch
    rwinch committed Oct 20, 2025
    Configuration menu
    Copy the full SHA
    82f87cf View commit details
    Browse the repository at this point in the history

Commits on Oct 28, 2025

  1. Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5 

    Bumps [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) from 2.18.4.1 to 2.18.5.
- [Commits](FasterXML/jackson-bom@jackson-bom-2.18.4.1...jackson-bom-2.18.5)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Oct 28, 2025
    Configuration menu
    Copy the full SHA
    28e158d View commit details
    Browse the repository at this point in the history

  2. Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final 

    Bumps [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) from 6.6.33.Final to 6.6.34.Final.
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/6.6.34/changelog.txt)
- [Commits](hibernate/hibernate-orm@6.6.33...6.6.34)

---
updated-dependencies:
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 6.6.34.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Oct 28, 2025
    Configuration menu
    Copy the full SHA
    8b0689c View commit details
    Browse the repository at this point in the history

Commits on Nov 4, 2025

  1. Docs: document effects of disabling CORS configurer 

    Signed-off-by: Daniel Garnier-Moiroux <[email protected]>
    @Kehrlann @rwinch
    Kehrlann authored and rwinch committed Nov 4, 2025
    Configuration menu
    Copy the full SHA
    4feeb0f View commit details
    Browse the repository at this point in the history

  2. Default WebAuthnConfigurer#rpName to rpId 

    In WebAuthn L3 spec, PublicKeyCredentialEntity.name is deprecated:

> This member is deprecated because many clients do not display it,
> but it remains a required dictionary member for backwards compatibility.
> Relying Parties MAY, as a safe default, set this equal to the RP ID.

Source: https://www.w3.org/TR/webauthn-3/#dictdef-publickeycredentialentity

Signed-off-by: Daniel Garnier-Moiroux <[email protected]>
    @Kehrlann @rwinch
    Kehrlann authored and rwinch committed Nov 4, 2025
    Configuration menu
    Copy the full SHA
    fed6df5 View commit details
    Browse the repository at this point in the history

  3. Add Test to Confirm 72-byte BCrypt Password Limit 

    Closes gh-18133
    @jzheaux
    jzheaux committed Nov 4, 2025
    Configuration menu
    Copy the full SHA
    532d0be View commit details
    Browse the repository at this point in the history

Commits on Nov 5, 2025

  1. Bump org-aspectj from 1.9.24 to 1.9.25 

    Bumps `org-aspectj` from 1.9.24 to 1.9.25.

Updates `org.aspectj:aspectjrt` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

Updates `org.aspectj:aspectjweaver` from 1.9.24 to 1.9.25
- [Release notes](https://github.com/eclipse/org.aspectj/releases)
- [Commits](https://github.com/eclipse/org.aspectj/commits)

---
updated-dependencies:
- dependency-name: org.aspectj:aspectjrt
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: org.aspectj:aspectjweaver
  dependency-version: 1.9.25
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Nov 5, 2025
    Configuration menu
    Copy the full SHA
    521f533 View commit details
    Browse the repository at this point in the history

  2. Bump io.spring.gradle:spring-security-release-plugin 

    Bumps [io.spring.gradle:spring-security-release-plugin](https://github.com/spring-io/spring-security-release-tools) from 1.0.11 to 1.0.13.
- [Release notes](https://github.com/spring-io/spring-security-release-tools/releases)
- [Commits](spring-io/spring-security-release-tools@v1.0.11...v1.0.13)

---
updated-dependencies:
- dependency-name: io.spring.gradle:spring-security-release-plugin
  dependency-version: 1.0.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Nov 5, 2025
    Configuration menu
    Copy the full SHA
    ff908c4 View commit details
    Browse the repository at this point in the history

Commits on Nov 7, 2025

  1. Bump io.micrometer:micrometer-observation from 1.14.12 to 1.14.13 

    Bumps [io.micrometer:micrometer-observation](https://github.com/micrometer-metrics/micrometer) from 1.14.12 to 1.14.13.
- [Release notes](https://github.com/micrometer-metrics/micrometer/releases)
- [Commits](micrometer-metrics/micrometer@v1.14.12...v1.14.13)

---
updated-dependencies:
- dependency-name: io.micrometer:micrometer-observation
  dependency-version: 1.14.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
    @dependabot
    dependabot[bot] authored Nov 7, 2025
    Configuration menu
    Copy the full SHA
    f997e22 View commit details
    Browse the repository at this point in the history

Commits on Nov 17, 2025

  1. Bump io.spring.gradle:spring-security-release-plugin from 1.0.11 to 1… 

    ….0.13
    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    d0fcdeb View commit details
    Browse the repository at this point in the history

  2. Bump org-aspectj from 1.9.24 to 1.9.25

    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    ccffb48 View commit details
    Browse the repository at this point in the history

  3. Bump org.hibernate.orm:hibernate-core from 6.6.33.Final to 6.6.34.Final

    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    9f96fbc View commit details
    Browse the repository at this point in the history

  4. Bump com.fasterxml.jackson:jackson-bom from 2.18.4.1 to 2.18.5

    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    d016600 View commit details
    Browse the repository at this point in the history

  5. Update to Spring Framework 6.2.13 

    Closes gh-18177
    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    d2b1cb5 View commit details
    Browse the repository at this point in the history

  6. Update to Reactor 2024.0.12 

    This aligns with Spring Framework's version of Reactor

Closes gh-18178
    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    4ab9338 View commit details
    Browse the repository at this point in the history

  7. Update Spring Data 2024.1.12 

    Closes gh-18179
    @rwinch
    rwinch committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    0980531 View commit details
    Browse the repository at this point in the history

  8. Release 6.4.13

    @github-actions
    github-actions[bot] committed Nov 17, 2025
    Configuration menu
    Copy the full SHA
    644901f View commit details
    Browse the repository at this point in the history
Loading