Sourced from org.springframework.security:spring-security-crypto's releases.

6.5.3

:star: New Features

• Add META-INF/LICENSE.txt to published jars #17639
• Update Angular documentation links in csrf.adoc #17653
• Update Shibboleth Repository URL #17637
• Use 2004-present Copyright #17634

:beetle: Bug Fixes

• Add Missing Navigation in Preparing for 7.0 Guide #17731
• DPoP authentication throws JwtDecoderFactory ClassNotFoundException #17249
• OpenSamlAssertingPartyDetails Should Be Serializable #17727
• Use final values in equals and hashCode #17621

:hammer: Dependency Upgrades

• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #17739
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #17690
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #17684
• Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to 0.29.5.RELEASE #17661
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #17615
• Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 #17599
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17737
• Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17701
• Bump io.mockk:mockk from 1.14.4 to 1.14.5 #17614
• Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 #17647
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #17733
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to 1.0.11 #17711
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #17612
• Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to 1.0.10 #17598
• Bump org-eclipse-jetty from 11.0.25 to 11.0.26 #17742
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #17613
• Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11 #17595
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17760
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17692
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17683
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 #17671
• Bump org.gretty:gretty from 4.1.6 to 4.1.7 #17616
• Bump org.gretty:gretty from 4.1.6 to 4.1.7 #17597
• Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to 6.6.23.Final #17646
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.24.Final #17660
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #17694
• Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.25.Final #17685
• Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.34.1 to 4.34.2 #17650
• Bump org.springframework.data:spring-data-bom from 2024.1.7 to 2024.1.8 #17645
• Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14 #17757
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #17651
• Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 #17596
• Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10 #17735

... (truncated)

• 44037c0 Release 6.5.3
• 9909dc6 Merge branch '6.4.x' into 6.5.x
• 525601e Fix version 6.4.9-SNAPSHOT
• 15a4d0d Fix version=6.5.3-SNAPSHOT
• 80b1a30 Merge branch '6.4.x' into 6.5.x
• 644f780 Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14
• a26d6fc Bump org.springframework.data:spring-data-bom from 2024.1.8 to 2024.1.9
• 74735a1 Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final
• 82a16d7 Bump org.assertj:assertj-core from 3.27.3 to 3.27.4
• c1869c1 Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)