Skip to content

Bump org.springframework.security:spring-security-core from 6.5.1 to 6.5.10#125

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/maven/org.springframework.security-spring-security-core-6.5.10
Open

Bump org.springframework.security:spring-security-core from 6.5.1 to 6.5.10#125
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/maven/org.springframework.security-spring-security-core-6.5.10

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 25, 2026
edited
Loading

Copy link
Copy Markdown

Bumps org.springframework.security:spring-security-core from 6.5.1 to 6.5.10.

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

6.5.10

⭐ New Features

  • Add CredentialRecordOwnerAuthorizationManager #19004
  • Add XML Based shouldWriteHeadersEagerly tests #19017
  • Clarify Session Management Persistence Documentation #18345
  • Update FilterChainProxy#getFilters(String) javadoc #18258

🪲 Bug Fixes

  • Add equals and hashcode to HttpMethodRequestMatcher #18914
  • auth_time validation fails when SSO session is renewed #18839
  • Fallback defaultTargetUrl if refererHeader is empty #18806
  • Fix HttpSessionRequestCache#getMatchingRequest query string parsing #16914
  • Fix documentation for Custom Authorization Manager #18362
  • Improve serialVersionUID check in tests #18474
  • Merge Handle null value in OnCommittedResponseWrapper header methods #18989
  • OAuth2 client sessionManagement ineffective with DefaultOidcUser #18622

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.10 to 1.14.11 in /docs #19055
  • Bump @springio/antora-extensions from 1.14.7 to 1.14.9 in /docs #18956
  • Bump @springio/antora-extensions from 1.14.9 to 1.14.10 in /docs #19031
  • Bump @springio/asciidoctor-extensions from 1.0.0-alpha.17 to 1.0.0-alpha.18 in /docs #18952
  • Bump actions/upload-artifact from 7.0.0 to 7.0.1 #19094
  • Bump io.projectreactor:reactor-bom from 2024.0.16 to 2024.0.17 #19078
  • Bump io.spring.gradle:spring-security-release-plugin from 1.0.14 to 1.0.15 #18916
  • Bump org.apache.maven:maven-resolver-provider from 3.9.14 to 3.9.15 #19108
  • Bump org.hibernate.orm:hibernate-core from 6.6.44.Final to 6.6.45.Final #18966
  • Bump org.hibernate.orm:hibernate-core from 6.6.45.Final to 6.6.47.Final #19046
  • Bump org.hibernate.orm:hibernate-core from 6.6.47.Final to 6.6.48.Final #19064
  • Bump org.hibernate.orm:hibernate-core from 6.6.48.Final to 6.6.49.Final #19110
  • Bump org.springframework:spring-framework-bom from 6.2.17 to 6.2.18 #19109
  • Bump spring-io/spring-release-actions from 0.0.3 to 0.0.4 #19093
  • Bump spring-io/spring-security-release-tools from 1.0.14 to 1.0.15 #18954
  • Bump spring-io/spring-security-release-tools/.github/workflows/build.yml from 1.0.14 to 1.0.15 #18955
  • Bump spring-io/spring-security-release-tools/.github/workflows/deploy-artifacts.yml from 1.0.14 to 1.0.15 #18949
  • Bump spring-io/spring-security-release-tools/.github/workflows/deploy-schema.yml from 1.0.14 to 1.0.15 #18950
  • Bump spring-io/spring-security-release-tools/.github/workflows/perform-release.yml from 1.0.14 to 1.0.15 #18995
  • Bump spring-io/spring-security-release-tools/.github/workflows/test.yml from 1.0.14 to 1.0.15 #18951
  • Bump spring-io/spring-security-release-tools/.github/workflows/update-scheduled-release-version.yml from 1.0.14 to 1.0.15 #18994
  • Update to spring-security-release-tools 1.0.15 #18910

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Kehrlann, @​as1605, @​johnycho, @​ngocnhan-tran1996, @​rwinch, and @​sankranty

... (truncated)

Commits
  • 0a9d4dc Release 6.5.10
  • 3d4e205 Merge remote-tracking branch 'oss/6.5.x' into 6.5.x
  • 81bd52a Bump org.hibernate.orm:hibernate-core from 6.6.48.Final to 6.6.49.Final
  • 25b6af2 Bump org.springframework:spring-framework-bom from 6.2.17 to 6.2.18
  • 95987bf Bump org.apache.maven:maven-resolver-provider from 3.9.14 to 3.9.15
  • 6e5f8f2 Merge remote-tracking branch 'origin/6.5.x' into 6.5.x
  • 4187af3 Verify token deletion in JdbcOneTimeTokenService
  • 5b638a5 Use SHA Hashes
  • 51eef2b Bump io.projectreactor:reactor-bom from 2024.0.16 to 2024.0.17
  • 302cfb1 Bump @​springio/antora-extensions from 1.14.10 to 1.14.11 in /docs
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 25, 2026
@dependabot
Bump org.springframework.security:spring-security-core
5dcedd7 
Bumps [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) from 6.5.1 to 6.5.10.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@6.5.1...6.5.10)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-core
  dependency-version: 6.5.10
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/org.springframework.security-spring-security-core-6.5.10 branch from 9bb1c45 to 5dcedd7 Compare May 6, 2026 17:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ascheibal ascheibal ascheibal approved these changes

@litlfred litlfred Awaiting requested review from litlfred litlfred is a code owner

@tence tence Awaiting requested review from tence

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ascheibal