Sourced from org.springframework.security:spring-security-bom's releases.

6.5.1

:star: New Features

• Create demonstration of include-code usage #17161
• Setup include-code extension for docs #17160

:beetle: Bug Fixes

• ClearSiteDataHeaderWriter log is misleading #17166
• Fix to allow multiple AuthenticationFilter instances to process each request #17216
• Inconsistent constructor declaration on bean with name '_reactiveMethodSecurityConfiguration' #17210
• OAuth2ResourceServer using authenticationManagerResolver results in tokenAuthenticationManager cannot be null while startup #17172
• Publishing a default TargetVisitor should not override Spring MVC support #17189
• Use HttpStatus in back-channel logout filters #17157

:hammer: Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 #17233
• Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to 0.29.3.RELEASE #17192
• Bump io-spring-javaformat from 0.0.43 to 0.0.45 #17152
• Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 #17220
• Bump io.projectreactor:reactor-bom from 2023.0.18 to 2023.0.19 #17232
• Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 #17204
• Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10 #17214
• Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to 6.6.17.Final #17184
• Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final #17256
• Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7 #17257
• Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13 #17239
• Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 #17238

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​evgeniycheban

• ebdd6c2 Release 6.5.1
• f7cff8d Merge branch '6.4.x' into 6.5.x
• b8c19f9 Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
• f2dbe28 Merge branch '6.4.x' into 6.5.x
• 17fe96e Merge branch '6.3.x' into 6.4.x
• 1828d56 Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
• 71851de Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
• 60a930a Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to 6.6.18.Final
• 2b51705 Bump org.springframework.data:spring-data-bom from 2024.1.6 to 2024.1.7
• 0a15dca Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)