From 85eb78e707a4d48a561feaa797110ba7d6fb724b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 16 Jun 2025 23:32:23 +0100
Subject: [PATCH] Bump springSecuritySamlVersion from 6.5.0 to 6.5.1 (#3735)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps `springSecuritySamlVersion` from 6.5.0 to 6.5.1.
Updates `org.springframework.security:spring-security-core` from 6.5.0
to 6.5.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-core's
releases</a>.</em></p>
<blockquote>
<h2>6.5.1</h2>
<h2>:star: New Features</h2>
<ul>
<li>Create demonstration of include-code usage <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17161">#17161</a></li>
<li>Setup include-code extension for docs <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17160">#17160</a></li>
</ul>
<h2>:beetle: Bug Fixes</h2>
<ul>
<li>ClearSiteDataHeaderWriter log is misleading <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17166">#17166</a></li>
<li>Fix to allow multiple AuthenticationFilter instances to process each
request <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17216">#17216</a></li>
<li>Inconsistent constructor declaration on bean with name
'_reactiveMethodSecurityConfiguration' <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17210">#17210</a></li>
<li>OAuth2ResourceServer using authenticationManagerResolver results in
<code>tokenAuthenticationManager cannot be null</code> while startup <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17172">#17172</a></li>
<li>Publishing a default TargetVisitor should not override Spring MVC
support <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17189">#17189</a></li>
<li>Use HttpStatus in back-channel logout filters <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17157">#17157</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17233">#17233</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to
0.29.3.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17192">#17192</a></li>
<li>Bump io-spring-javaformat from 0.0.43 to 0.0.45 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17152">#17152</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17220">#17220</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.18 to 2023.0.19 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17232">#17232</a></li>
<li>Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17204">#17204</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17214">#17214</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to
6.6.17.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17184">#17184</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17256">#17256</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.6 to
2024.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17257">#17257</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17239">#17239</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17238">#17238</a></li>
</ul>
<h2>:heart: Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a
href="https://github.com/evgeniycheban"><code>@​evgeniycheban</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/ebdd6c22a89e5b605b0540857f7824754922e56d"><code>ebdd6c2</code></a>
Release 6.5.1</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/f7cff8deb5e8772e402d6410007be8cef0b65084"><code>f7cff8d</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/b8c19f9df54ca4678df7c0d3ced8f3a8fa953d45"><code>b8c19f9</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/f2dbe28b815161d187933143c336deb843306919"><code>f2dbe28</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/17fe96e4a74d37dfe7694ef09a3863efb2748654"><code>17fe96e</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/1828d56bf184472ff024577c8b8d9cf75572c73e"><code>1828d56</code></a>
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/71851de649f679f8f401ca3be7a02eddaaa7d36d"><code>71851de</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to
3.2.13</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/60a930a49a64c78f9f29091fa9afdcd9616e49cc"><code>60a930a</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/2b5170541306282ac956129764b244cd231519ea"><code>2b51705</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.6 to
2024.1.7</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/0a15dcaadfe6fd0404a26587d8ad9f1763d96137"><code>0a15dca</code></a>
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.5.0...6.5.1">compare
view</a></li>
</ul>
</details>
<br />

Updates
`org.springframework.security:spring-security-saml2-service-provider`
from 6.5.0 to 6.5.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.5.1</h2>
<h2>:star: New Features</h2>
<ul>
<li>Create demonstration of include-code usage <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17161">#17161</a></li>
<li>Setup include-code extension for docs <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17160">#17160</a></li>
</ul>
<h2>:beetle: Bug Fixes</h2>
<ul>
<li>ClearSiteDataHeaderWriter log is misleading <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17166">#17166</a></li>
<li>Fix to allow multiple AuthenticationFilter instances to process each
request <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17216">#17216</a></li>
<li>Inconsistent constructor declaration on bean with name
'_reactiveMethodSecurityConfiguration' <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17210">#17210</a></li>
<li>OAuth2ResourceServer using authenticationManagerResolver results in
<code>tokenAuthenticationManager cannot be null</code> while startup <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17172">#17172</a></li>
<li>Publishing a default TargetVisitor should not override Spring MVC
support <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17189">#17189</a></li>
<li>Use HttpStatus in back-channel logout filters <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17157">#17157</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Bump com.fasterxml.jackson:jackson-bom from 2.18.4 to 2.18.4.1 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17233">#17233</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.2.RELEASE to
0.29.3.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17192">#17192</a></li>
<li>Bump io-spring-javaformat from 0.0.43 to 0.0.45 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17152">#17152</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.7 to 1.14.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17220">#17220</a></li>
<li>Bump io.projectreactor:reactor-bom from 2023.0.18 to 2023.0.19 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17232">#17232</a></li>
<li>Bump io.spring.develocity.conventions from 0.0.22 to 0.0.23 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17204">#17204</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.9 to 3.9.10
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17214">#17214</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.15.Final to
6.6.17.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17184">#17184</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17256">#17256</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.6 to
2024.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17257">#17257</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to 3.2.13
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17239">#17239</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17238">#17238</a></li>
</ul>
<h2>:heart: Contributors</h2>
<p>Thank you to all the contributors who worked on this release:</p>
<p><a
href="https://github.com/evgeniycheban"><code>@​evgeniycheban</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/ebdd6c22a89e5b605b0540857f7824754922e56d"><code>ebdd6c2</code></a>
Release 6.5.1</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/f7cff8deb5e8772e402d6410007be8cef0b65084"><code>f7cff8d</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/b8c19f9df54ca4678df7c0d3ced8f3a8fa953d45"><code>b8c19f9</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/f2dbe28b815161d187933143c336deb843306919"><code>f2dbe28</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/17fe96e4a74d37dfe7694ef09a3863efb2748654"><code>17fe96e</code></a>
Merge branch '6.3.x' into 6.4.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/1828d56bf184472ff024577c8b8d9cf75572c73e"><code>1828d56</code></a>
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/71851de649f679f8f401ca3be7a02eddaaa7d36d"><code>71851de</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.12 to
3.2.13</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/60a930a49a64c78f9f29091fa9afdcd9616e49cc"><code>60a930a</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.17.Final to
6.6.18.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/2b5170541306282ac956129764b244cd231519ea"><code>2b51705</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.6 to
2024.1.7</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/0a15dcaadfe6fd0404a26587d8ad9f1763d96137"><code>0a15dca</code></a>
Bump org.springframework:spring-framework-bom from 6.2.7 to 6.2.8</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.5.0...6.5.1">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index dd853c5b9..2b63508c6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -24,7 +24,7 @@ ext {
     imageioVersion = "3.12.0"
     lombokVersion = "1.18.38"
     bouncycastleVersion = "1.81"
-    springSecuritySamlVersion = "6.5.0"
+    springSecuritySamlVersion = "6.5.1"
     openSamlVersion = "4.3.2"
     commonmarkVersion = "0.24.0"
     googleJavaFormatVersion = "1.27.0"