build(deps): bump spring-security-6.version from 6.5.8 to 6.5.9 by dependabot[bot] · Pull Request #16160 · apache/dubbo

dependabot · 2026-03-23T07:06:53Z

Bumps spring-security-6.version from 6.5.8 to 6.5.9.
Updates org.springframework.security:spring-security-core from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-oauth2-client from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-oauth2-client's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-config from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-config's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-web from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-web's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-crypto from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-crypto's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-oauth2-core from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-oauth2-core's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-oauth2-jose from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-oauth2-jose's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Updates org.springframework.security:spring-security-oauth2-resource-server from 6.5.8 to 6.5.9

Release notes

Sourced from org.springframework.security:spring-security-oauth2-resource-server's releases.

6.5.9

⭐ New Features

Update Link to CSRF Docs in FAQ #18616

🪲 Bug Fixes

Fix GrantedAuthority.authority null in AuthoritiesAuthorizationManager #18544

saveAuthenticationRequest should read relayState from authenticationRequest #18872

Add Missing OnCommitedResponseWrapper Header Overrides #18798

Clarify Resource Server startup expectations #18518

Correct Reference to Clear-Site-Data Directive enum #18273

Fix CookieRequestCache parameters #18857

Fix Flaky Crypto Tests #18841

Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs #18896

🔨 Dependency Upgrades

Bump @antora/collector-extension from 1.0.2 to 1.0.3 in /docs #18854

Bump actions/upload-artifact from 6.0.0 to 7.0.0 #18809

Bump ch.qos.logback:logback-classic from 1.5.29 to 1.5.32 #18749

Bump com.fasterxml.jackson:jackson-bom from 2.18.5 to 2.18.6 #18779

Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16 #18876

Bump org-apache-maven-resolver from 1.9.25 to 1.9.26 #18750

Bump org-apache-maven-resolver from 1.9.26 to 1.9.27 #18791

Bump org.apache.maven:maven-resolver-provider from 3.9.12 to 3.9.13 #18860

Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14 #18886

Bump org.hibernate.orm:hibernate-core from 6.6.42.Final to 6.6.43.Final #18780

Bump org.hibernate.orm:hibernate-core from 6.6.43.Final to 6.6.44.Final #18829

Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17 #18903

❤️ Contributors

Thank you to all the contributors who worked on this release:

@Hann244, @Khyojae, @ghusta, @itsmevichu, @qihaiyan, @rwinch, @therepanic, and @ziqin

Commits

0c54a55 Release 6.5.9
01ff3b0 Add Workflow for Deferring Issues
33e6f4b Merge Fix Jackson Deserializer for AuthenticationExtensionsClientOutputs
cdd4b36 Update Antora UI Spring to v0.4.26
7672f76 Bump io.projectreactor:reactor-bom from 2024.0.15 to 2024.0.16
3db4999 Bump org.apache.maven:maven-resolver-provider from 3.9.13 to 3.9.14
a708d2f Bump org.springframework:spring-framework-bom from 6.2.16 to 6.2.17
e726c05 Fix Jackson 2 deserializer for AuthenticationExtensionsClientOutputs
a7039fb Test Jackson 2 deserializer with unknown primitive WebAuthn ext
88ea668 Test Jackson 2 deserializer with unknown obj/arr WebAuthn ext
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps `spring-security-6.version` from 6.5.8 to 6.5.9. Updates `org.springframework.security:spring-security-core` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-oauth2-client` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-config` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-web` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-crypto` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-oauth2-core` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-oauth2-jose` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) Updates `org.springframework.security:spring-security-oauth2-resource-server` from 6.5.8 to 6.5.9 - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.5.8...6.5.9) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-core dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-oauth2-client dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-config dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-web dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-crypto dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-oauth2-core dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-oauth2-jose dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.springframework.security:spring-security-oauth2-resource-server dependency-version: 6.5.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

codecov-commenter · 2026-03-26T03:20:19Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 60.82%. Comparing base (b54059d) to head (c092024).

Additional details and impacted files

@@             Coverage Diff              @@
##                3.3   #16160      +/-   ##
============================================
+ Coverage     60.80%   60.82%   +0.02%     
+ Complexity    11767    11760       -7     
============================================
  Files          1953     1953              
  Lines         89118    89118              
  Branches      13444    13444              
============================================
+ Hits          54190    54210      +20     
+ Misses        29367    29356      -11     
+ Partials       5561     5552       -9

Flag	Coverage Δ
integration-tests-java21	`32.18% <ø> (+0.01%)`	⬆️
integration-tests-java8	`32.25% <ø> (+<0.01%)`	⬆️
samples-tests-java21	`32.15% <ø> (-0.02%)`	⬇️
samples-tests-java8	`29.89% <ø> (+0.16%)`	⬆️
unit-tests-java11	`59.07% <ø> (+0.03%)`	⬆️
unit-tests-java17	`58.57% <ø> (+0.07%)`	⬆️
unit-tests-java21	`58.53% <ø> (+<0.01%)`	⬆️
unit-tests-java25	`58.51% <ø> (+0.01%)`	⬆️
unit-tests-java8	`59.07% <ø> (+<0.01%)`	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 23, 2026

Merge branch '3.3' into dependabot/maven/spring-security-6.version-6.5.9

c092024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump spring-security-6.version from 6.5.8 to 6.5.9#16160

build(deps): bump spring-security-6.version from 6.5.8 to 6.5.9#16160
dependabot[bot] wants to merge 2 commits into3.3from
dependabot/maven/spring-security-6.version-6.5.9

dependabot bot commented on behalf of github Mar 23, 2026

Uh oh!

codecov-commenter commented Mar 26, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Mar 23, 2026

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

6.5.9

⭐ New Features

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

Uh oh!

codecov-commenter commented Mar 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

codecov-commenter commented Mar 26, 2026 •

edited

Loading