chore(deps): bump org.springframework.security:spring-security-bom in /geowebcache by dependabot[bot] · Pull Request #1509 · GeoWebCache/geowebcache

dependabot · 2026-03-30T08:16:39Z

Bumps org.springframework.security:spring-security-bom in /geowebcache from 7.0.2 to 7.0.4.

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 #18904

Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.5 #18764

Bump org.springframework:spring-framework-bom from 7.0.5 to 7.0.6 #18905

Update Antora UI Spring to v0.4.26 #18893

Update to spring-security-release-tools 1.0.15 #18909

❤️ Contributors

Thank you to all the contributors who worked on this release:

@busoco-sjb, @making, @meliezer, @ngocnhan-tran1996, @rwinch, @sephiroth-j, @therepanic, @thuri, and @ziqin

7.0.3

⭐ New Features

... (truncated)

Commits

9bd793f Release 7.0.4
a2c0ac1 Update to spring-security-release-tools 1.0.15
ea6e7ab Merge branch '6.5.x' into 7.0.x
01ff3b0 Add Workflow for Deferring Issues
e8cb0ef Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
524ae92 Merge Add Jackson Mixin for WebAuthnAuthentication
47146f3 Add Jackson Mixin for WebAuthnAuthentication
e7080e8 Update Antora UI Spring to v0.4.26
c348a7a Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-bom from 7.0.2 to 7.0.4

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.4

⭐ New Features

Update RestTemplateBuilder usage in opaque-token.adoc #18836

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18784

Add Jackson Mixin for WebAuthnAuthentication #18878

Add Missing OnCommitedResponseWrapper Header Overrides #18799

Document the change in dependency coordinates with Spring Security 7 #18773

Ensure tests clear AuthorizationServerContextHolder #18768

Fix CookieRequestCache parameters #18864

Fix Flaky Crypto Tests #18842

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18897

HttpMessageConverterAuthenticationSuccessHandler Supports Jackson 3 #18834

OAuth2DeviceVerificationEndpointFilter should be applied after AuthorizationFilter #18873

Restore upgradeEncoding condition in DaoAuthenticationProvider #18788

saveAuthenticationRequest should read relayState from authenticationRequest #18884

SecurityExpressionRoot#hasAuthority should delegate to AuthorizationManagerFactory#hasAuthority #18487

ServerHttpSecurityConfiguration should not set userDetailsPasswordService to a null value #18276

TokenBasedRememberMeServices documentation snippets should compile #18642

Update request-matcher XML property to support PathPatternRequestMatcher #18737

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18853

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18810

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18752

Bump com.webauthn4j:webauthn4j-core from 0.31.0.RELEASE to 0.31.1.RELEASE #18830

Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.4 #18877

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18751

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18792

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18861

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18887

Bump org.junit:junit-bom from 6.0.2 to 6.0.3 #18743

Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.4 Description has been truncated

Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) in `/geowebcache` from 7.0.2 to 7.0.4. Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) Updates `org.springframework.security:spring-security-bom` from 7.0.2 to 7.0.4 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@7.0.2...7.0.4) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven - dependency-name: org.springframework.security:spring-security-bom dependency-version: 7.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 30, 2026

aaime merged commit a75a418 into main Mar 30, 2026
13 checks passed

dependabot bot deleted the dependabot-maven-geowebcache-main-maven-dd0dde7be7 branch March 30, 2026 12:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump org.springframework.security:spring-security-bom in /geowebcache#1509

chore(deps): bump org.springframework.security:spring-security-bom in /geowebcache#1509
aaime merged 1 commit intomainfrom
dependabot-maven-geowebcache-main-maven-dd0dde7be7

dependabot bot commented on behalf of github Mar 30, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot bot commented on behalf of github Mar 30, 2026

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

7.0.3

⭐ New Features

7.0.4

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant