Skip to content

Bump org.springframework.security:spring-security-bom from 7.0.5 to 7.1.0#2646

Merged
acoburn merged 1 commit into
mainfrom
dependabot/maven/org.springframework.security-spring-security-bom-7.1.0
Jun 11, 2026
Merged

Bump org.springframework.security:spring-security-bom from 7.0.5 to 7.1.0#2646
acoburn merged 1 commit into
mainfrom
dependabot/maven/org.springframework.security-spring-security-bom-7.1.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps org.springframework.security:spring-security-bom from 7.0.5 to 7.1.0.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.1.0

🪲 Bug Fixes

  • Opaque token introspectors should not allow empty credentials #19201

🔨 Dependency Upgrades

  • Bump @springio/antora-extensions from 1.14.11 to 1.14.12 in /docs #19235
  • Bump actions/checkout from 6.0.2 to 6.0.3 #19271
  • Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19181
  • Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.33 #19228
  • Bump ch.qos.logback:logback-classic from 1.5.33 to 1.5.34 #19268
  • Bump com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3 #19133
  • Bump com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0 #19246
  • Bump com.google.code.gson:gson from 2.13.2 to 2.14.0 #19125
  • Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.1 #19157
  • Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.2 #19195
  • Bump com.webauthn4j:webauthn4j-core from 0.31.3.RELEASE to 0.31.5.RELEASE #19148
  • Bump com.webauthn4j:webauthn4j-core from 0.31.5.RELEASE to 0.31.6.RELEASE #19263
  • Bump gradle-wrapper from 9.4.1 to 9.5.0 #19135
  • Bump gradle-wrapper from 9.5.0 to 9.5.1 #19171
  • Bump io-micrometer from 1.16.5 to 1.17.0 #19287
  • Bump io.mockk:mockk from 1.14.9 to 1.14.11 #19244
  • Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #19296
  • Bump org-jetbrains-kotlin from 2.3.20 to 2.3.21 #19126
  • Bump org-jetbrains-kotlin from 2.3.21 to 2.4.0 #19264
  • Bump org-opensaml5 from 5.2.1 to 5.2.2 #19176
  • Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19190
  • Bump org.apereo.cas.client:cas-client-core from 4.1.0 to 4.1.1 #19200
  • Bump org.hibernate.orm:hibernate-core from 7.3.1.Final to 7.3.2.Final #19119
  • Bump org.hibernate.orm:hibernate-core from 7.3.2.Final to 7.3.3.Final #19149
  • Bump org.hibernate.orm:hibernate-core from 7.3.3.Final to 7.3.4.Final #19165
  • Bump org.hibernate.orm:hibernate-core from 7.3.4.Final to 7.3.5.Final #19191
  • Bump org.hibernate.orm:hibernate-core from 7.3.5.Final to 7.3.6.Final #19211
  • Bump org.hibernate.orm:hibernate-core from 7.3.6.Final to 7.4.0.Final #19226
  • Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.2 to 1.11.0 #19166
  • Bump org.junit:junit-bom from 6.0.3 to 6.1.0 #19197
  • Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19169
  • Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #19290
  • Bump org.springframework.ldap:spring-ldap-core from 4.0.3 to 4.1.0 #19291
  • Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #19285
  • Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19179
  • Bump tools.jackson:jackson-bom from 3.1.2 to 3.1.3 #19147
  • Bump tools.jackson:jackson-bom from 3.1.3 to 3.1.4 #19245
  • Bump tools.jackson:jackson-bom from 3.1.4 to 3.2.0 #19286
  • Update to spring-data-bom 2026.0.0 #19303

🔩 Build Updates

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 11, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 11, 2026 15:30
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/maven/org.springframework.security-spring-security-bom-7.1.0 branch from 6669a09 to 38dd18c Compare June 11, 2026 15:38
@acoburn acoburn enabled auto-merge (squash) June 11, 2026 16:11
@dependabot
Bump org.springframework.security:spring-security-bom
cf7cb23 
Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 7.0.5 to 7.1.0.
- [Release notes](https://github.com/spring-projects/spring-security/releases)
- [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc)
- [Commits](spring-projects/spring-security@7.0.5...7.1.0)

---
updated-dependencies:
- dependency-name: org.springframework.security:spring-security-bom
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/org.springframework.security-spring-security-bom-7.1.0 branch from 38dd18c to cf7cb23 Compare June 11, 2026 16:13
@acoburn acoburn merged commit 10c9ef1 into main Jun 11, 2026
6 checks passed
@acoburn acoburn deleted the dependabot/maven/org.springframework.security-spring-security-bom-7.1.0 branch June 11, 2026 16:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@acoburn acoburn acoburn approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@acoburn