Releases: apache/shiro
Releases · apache/shiro
Apache Shiro 2.0.2
Enhancements
- [#1381] enh: Build on JDK 22 by @lprimak in #1530
- [#1762] enh: follow desired request scheme when doing redirection by @lprimak in #1727
- enh(jakarta,it-tests): no longer relying on hardcoded https port in t… by @lprimak in #1808
Bug fixes
- [SHIRO-875] Fix creating subjects from a
SubjectFactorythat disables session-creation by @boris-petrov in #1514 - bugfix(deps): remove junit bom from root by @lprimak in #1690
Maintenance Tasks
- chore: re-enabled API compatibility check plugin by @lprimak in #1652
- enh(checkstyle): disable method name validation for test classes by @lprimak in #1650
Dependency updates
- update quartz to 2.4.0-rc2, fix CVE-2023-39017 by @minchai23 in #1498
- chore(deps): bump org.quartz-scheduler:quartz from 2.4.0-rc2 to 2.5.0-rc1 by @dependabot in #1503
- chore(deps-dev): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by @dependabot in #1505
- chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.6.14 by @dependabot in #1506
- chore(deps): bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by @dependabot in #1504
- chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.14 to 1.7.0 by @dependabot in #1508
- chore(deps): bump bytebuddy.version from 1.14.16 to 1.14.17 by @dependabot in #1509
- chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 by @dependabot in #1511
- chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #1515
- chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.3 to 5.5.4 by @dependabot in #1518
- chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 by @dependabot in #1519
- chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #1520
- chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.0 to 3.4.1 by @dependabot in #1522
- chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by @dependabot in #1523
- chore(deps): bump org.htmlunit:htmlunit from 4.1.0 to 4.2.0 by @dependabot in #1524
- chore(deps-dev): bump org.easymock:easymock from 5.2.0 to 5.3.0 by @dependabot in #1527
- chore(deps): bump org.apache.commons:commons-configuration2 from 2.10.1 to 2.11.0 by @dependabot in #1528
- chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in #1533
- chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 by @dependabot in #1534
- chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #1535
- chore(deps): bump spring.version from 5.3.36 to 5.3.37 by @dependabot in #1539
- chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #1536
- deps: updated javassist to latest by @lprimak in #1545
- chore(deps-dev): bump tomcat.version from 10.1.24 to 10.1.25 by @dependabot in #1546
- chore(deps): bump org.apache.maven.plugins:maven-scm-publish-plugin from 3.2.1 to 3.3.0 by @dependabot in #1553
- chore(deps): bump junit.version from 5.10.2 to 5.10.3 by @dependabot in #1555
- chore(deps): bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0 by @dependabot in #1556
- chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #1557
- chore(deps): bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by @dependabot in #1558
- chore(deps): bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0 by @dependabot in #1564
- chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 by @dependabot in #1562
- chore(deps): bump groovy.version from 4.0.21 to 4.0.22 by @dependabot in #1563
- chore(deps): bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.1 by @dependabot in #1565
- chore(deps): bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 by @dependabot in #1567
- chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.0.0 to 3.1.0 by @dependabot in #1568
- chore(deps-dev): bump commons-logging:commons-logging from 1.3.2 to 1.3.3 by @dependabot in #1569
- chore(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #1573
- chore(deps): bump org.owasp:dependency-check-maven from 10.0.1 to 10.0.2 by @dependabot in #1575
- chore(deps-dev): bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @dependabot in #1580
- chore(deps): bump bytebuddy.version from 1.14.17 to 1.14.18 by @dependabot in #1579
- chore(deps): bump org.jsoup:jsoup from 1.17.2 to 1.18.1 by @dependabot in #1586
- chore(deps): bump org.apache:apache from 32 to 33 by @dependabot in #1587
- chore(deps-dev): bump org.jboss.arquillian.junit5:arquillian-junit5-container from 1.8.0.Final to 1.9.0.Final by @dependabot in #1578
- chore(deps-dev): bump tomcat.version from 10.1.25 to 10.1.26 by @dependabot in #1594
- chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #1595
- chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.17.0 to 2.17.1 by @dependabot in #1600
- chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.23.0 to 3.24.0 by @dependabot in #1601
- chore(deps): bump org.owasp:dependency-check-maven from 10.0.2 to 10.0.3 by @dependabot in #1604
- chore(deps): bump com.hazelcast:hazelcast from 5.3.7 to 5.3.8 by @dependabot in #1605
- chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.3 to 3.6.4 by @dependabot in #1606
- chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.3 to 3.6.4 by @dependabot in #1607
- chore(deps): bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @dependabot in #1608
- chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #1611
- chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.2 to 0.22.0 by @dependabot in #1612
- chore(deps-dev): bump arquillian.core.version from 1.9.0.Final to 1.9.1.Final by @dependabot in #1615
- chore(deps): bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in #1616
- chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #1619
- chore(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #1618
- chore(deps): bump org.htmlunit:htmlunit from 4.3.0 to 4.4.0 by @dependabot in #1620
- chore(deps-dev): bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @dependabot in #1624
- chore(deps-dev): bump org.easymock:easymock from 5.3.0 to 5.4.0 by @dependabot in #1625
- chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #1626
- chore(deps): bump org.owasp.encoder:encoder from 1.2.3 to 1.3.0 by @dependabot in #1628
- chore(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #1632
- chore(deps-dev): bump tomcat.version from 10.1.26 to 10.1.28 by @dependabot in #1634
- chore(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #1636
- chore(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #1637
- chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.0 by @dependabot in #1643
- chore(deps): bump slf4j.version from 2.0.13 to 2.0.14 by @dependabot in #1642
- chore(deps): bump org.apache.commons:commons-lang3 from 3.15.0 to...
Contributors
boris-petrov, lprimak, and 2 other contributors
Assets 2
Apache Shiro 2.0.1
What's new Highlights
- Added a supported way to decorate Shiro
SecurityManager - Better compatibility with OSGi for Jakarta EE
jakartanamespace - Fixed exception handling bugs in Jax-Rs integration module
- Fixed a bug in Jakarta Faces integration
- Better compatibility when building with Maven 4.x
Bug fixes
- [#1324] enh: added ManifestResourceTransformer to shade plugin by @lprimak in #1328
- [#1352] bugfix: made commons-configuration2 optional in shiro core by @lprimak in #1353
- [SHIRO-491] fix rendering of principal tag in panelGroup by @lprimak in #1371
- [#1383] bugfix: fix exception mapper type from registered features by @lprimak in #1384
- [SHIRO-875] Fix creating subjects with disabled session-creation by @boris-petrov in #1407
- [#1383] bugfix(jax-rs): unauthenticated vs. authorized HTTP response codes we… by @lprimak in #1487
- bugfix(tests): using JUnit's ResourceLock annotation for tests that touch… by @lprimak in #1467
Enhancements
- [SHIRO-776] refactor: JUnit5 Best Practices by @timtebeek in #1338
- deps: fix warnings found by maven 4-alpha-13 by @lprimak in #1377
- [#1424] [Enhancement] Made Jakarta EE IniEnvironment more flexible by @lprimak in #1425
- [#1424] Add generic way to decorate SecurityManager by @lprimak in #1429
Documentation enhancements
Dependency updates
- build(deps): bump log4j.version from 2.22.1 to 2.23.0 by @dependabot in #1321
- build(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 by @dependabot in #1325
- build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10 to 3.10.1 by @dependabot in #1330
- build(deps): bump actions/setup-java from 4.0.0 to 4.1.0 by @dependabot in #1331
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 by @dependabot in #1332
- build(deps): bump mockito.version from 5.10.0 to 5.11.0 by @dependabot in #1334
- build(deps): bump groovy.version from 4.0.18 to 4.0.19 by @dependabot in #1335
- build(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #1336
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.5 to 0.19.1 by @dependabot in #1341
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.19.1 to 0.20.0 by @dependabot in #1342
- build(deps): bump log4j.version from 2.23.0 to 2.23.1 by @dependabot in #1349
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 by @dependabot in #1350
- build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1354
- build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10.1 to 3.10.2 by @dependabot in #1355
- build(deps): bump actions/setup-java from 4.1.0 to 4.2.0 by @dependabot in #1358
- build(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.2 to 3.6.3 by @dependabot in #1361
- build(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.2 to 3.6.3 by @dependabot in #1359
- build(deps): bump org.apache.commons:commons-configuration2 from 2.9.0 to 2.10.0 by @dependabot in #1360
- build(deps): bump spring.version from 5.3.32 to 5.3.33 by @dependabot in #1363
- build(deps): bump groovy.version from 4.0.19 to 4.0.20 by @dependabot in #1364
- build(deps): bump actions/setup-java from 4.2.0 to 4.2.1 by @dependabot in #1365
- build(deps): bump org.owasp:dependency-check-maven from 9.0.9 to 9.0.10 by @dependabot in #1368
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 by @dependabot in #1370
- build(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #1372
- build(deps): bump org.projectlombok:lombok from 1.18.30 to 1.18.32 by @dependabot in #1375
- build(deps): bump org.apache.commons:commons-configuration2 from 2.10.0 to 2.10.1 by @dependabot in #1379
- build(deps-dev): bump commons-logging:commons-logging from 1.3.0 to 1.3.1 by @dependabot in #1386
- build(deps-dev): bump tomcat.version from 10.1.19 to 10.1.20 by @dependabot in #1388
- build(deps): bump bytebuddy.version from 1.14.12 to 1.14.13 by @dependabot in #1390
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.2 to 10.15.0 by @dependabot in #1394
- build(deps): bump org.owasp:dependency-check-maven from 9.0.10 to 9.1.0 by @dependabot in #1395
- build(deps): bump org.htmlunit:htmlunit from 3.11.0 to 4.0.0 by @dependabot in #1397
- build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12 by @dependabot in #1398
- build(deps): bump com.hazelcast:hazelcast from 5.3.6 to 5.3.7 by @dependabot in #1399
- build(deps): bump groovy.version from 4.0.20 to 4.0.21 by @dependabot in #1404
- build(deps): bump spring.version from 5.3.33 to 5.3.34 by @dependabot in #1405
- build(deps): bump org.apache.karaf.features:framework from 4.4.5 to 4.4.6 by @dependabot in #1409
- build(deps): bump slf4j.version from 2.0.12 to 2.0.13 by @dependabot in #1408
- build(deps): bump org.omnifaces:omnifaces from 3.14.4 to 3.14.5 by @dependabot in #1411
- build(deps): bump org.apache:apache from 31 to 32 by @dependabot in #1416
- build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #1418
- build(deps): bump commons-cli:commons-cli from 1.6.0 to 1.7.0 by @dependabot in #1420
- build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #1427
- build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #1430
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.20.0 to 0.21.0 by @dependabot in #1433
- build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #1434
- build(deps): bump bytebuddy.version from 1.14.13 to 1.14.14 by @dependabot in #1439
- build(deps-dev): bump tomcat.version from 10.1.20 to 10.1.23 by @dependabot in #1438
- deps: upgrade to Arquillian Graphene 3 by @lprimak in #1440
- build(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.21.2 to 3.22.0 by @dependabot in #1441
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.0 to 0.21.1 by @dependabot in #1442
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.15.0 to 10.16.0 by @dependabot in #1447
- build(deps): bump org.htmlunit:htmlunit from 4.0.0 to 4.1.0 by @dependabot in #1448
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.1 to 0.21.2 by @dependabot in #1456
- Dependencies: BouncyCastle 1.78.1 and Payara updates by @lprimak in #1459
- build(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.77 to 1.78.1 by @dependabot in #1419
- build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #1461
- build(deps): bump com.mycila:license-maven-plugin from 4.3 to 4.4 by @dependabot in #1462
- build(deps): bump bytebuddy.version from 1.14.14 to 1.14.15 by @dependabot in #1464
- build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10.2 to 3.10.3 by @dependabot in #1465
- build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #1466
- build(deps): bump mockito.version from 5.11.0 to 5.12.0 by @dependabot in #1468
- build(deps): bump com.mycila:license-maven-plugin from 4.4 to 4.5 by @dependabot in https://github.com/apache/shiro/pull...
Contributors
boris-petrov, lprimak, and 2 other contributors
Assets 2
Apache Shiro 2.0.0
What's new Highlights
- Java 11 is the minimum supported JVM version
- Stronger default password hashing algorithms (Argon2 and BCrypt)
- Jakarta EE 10 support (Java/Jakarta EE 8 is also supported)
- New Jakarta EE integration module (see Jakarta EE Integration for more information)
- SpringBoot 3.x support (SpringBoot 2.x is also supported)
- Automatic form resubmission when session expired (Jakarta EE only)
What's Changed
- [SHIRO-762] Mark
SecurityUtils.securityManageras volatile by @boris-petrov in #218 - [SHIRO-765] Upgrade to Apache Pom Parent 23 by @fpapon in #222
- [SHIRO-766] ignore exception on invalid cookies. by @bmarwell in #225
- [SHIRO-764] Add IpFilter for restricting access IP ranges by @mookkiah in #219
- SHIRO-708 - Remove deprecated shiro-cas module by @coheigea in #152
- [SHIRO-770] Remove base64 implementation, keep UTF-8 codec by default. by @bmarwell in #224
- [SHIRO-750] update jax-rs dependency to jakarta. Non-Breaking change. by @bmarwell in #207
- [SHIRO-750] update jax-rs dependency to jakarta. by @bmarwell in #226
- Remove CI profile for 2.0.0 by @fpapon in #229
- [SHIRO-770] Fix test regression introduced by SHIRO-770. by @bmarwell in #228
- [SHIRO-772] Remove PowerMock from EnvironmentLoaderServiceTest.java. by @bmarwell in #230
- [SHIRO-773] update groovy for JDK14 builds. by @bmarwell in #231
- [SHIRO-775] Excessive logging in jetty ContainerITs by @fpapon in #233
- [SHIRO-771] Add additional build jobs with various JDKs. by @bmarwell in #227
- (doc) Committer Update by @bmarwell in #221
- [SHIRO-774] remove ignored prerequisites by @bmarwell in #234
- [SHIRO-777] remove powermock. by @bmarwell in #235
- [SHIRO-768] Remove the shiro-all module by @fpapon in #232
- [SHIRO-679] Shiro modules have split packages by @fpapon in #236
- [SHIRO-776] Update JUnit by @bmarwell in #237
- (DOC) - Fix the annotation of setCredentialsMatcher method in AuthenticatingR… by @ramostear in #238
- [SHIRO-761] Bad OSGi import for javax.annotation in shiro-guice by @fpapon in #243
- [SHIRO-551] Implement toString() for DelegatingSubject.java. by @bmarwell in #220
- [SHIRO-784] Fixed issue where no custom filters are defined in spring (non-boot) apps by @bdemers in #244
- [SHIRO-778] onInit method on AuthenticatingRealm is called twice by @fpapon in #240
- [SHIRO-610] Allways create resolver for non-empty IniWebEnvironment by @tbrugz in #242
- [SHIRO-398] - Renamed the variable interval to sessionValidationInterval by @vgaur in #245
- [SHIRO-785] Upgrade to maven-bundle-plugin 5.1.1 by @fpapon in #246
- [SHIRO-786] Upgrade to Spring 5.2.8.RELEASE and Spring boot 2.3.2.REL… by @fpapon in #247
- [SHIRO-780] NOTICE files of shiro components don't match NOTICE in so… by @fpapon in #239
- Add Jenkins file by @fpapon in #249
- [SHIRO-767] Fixed issue where ClassUtil cannot load the array of Primitive DataType... by @ddddyyyy in #248
- [SHIRO-740] SslFilter with HTTP Strict Transport Security (HSTS) by @raupachz in #55
- SHIRO-349 Security: Byte arrays (and other memory) holding sensitive … by @bmarwell in #254
- Add Sonarqube quality check by @fpapon in #256
- Move sonar build step to Java 11 pipeline by @fpapon in #258
- [SHIRO-793] deleteMe cookie should use the defined "sameSite" by @FredTreg in #257
- Update AbstractContainerIT to allow for HTTPS connections Using a pre-generated keystore (master) by @bdemers in #260
- [No JIRA] Fix inefficient iterators by @TomMD in #250
- [SHIRO-789] Add SameSite option to AbstractShiroWebConfiguration.buildCookie by @bmarwell in #251
- [CI] Update maven and jdk labels by @fpapon in #261
- Update Jetty to 9.4.33.v20201020 to fix CVE-2020-27216 by @coheigea in #262
- Update to Jetty 9.4.34.v20201102 by @coheigea in #264
- [SHIRO-797] Shiro 1.7.0 is lower than using springboot version 2.0.7 dependency error by @dngzs in #263
- Fix: flushes ByteArrayOutputStream before using by @lcc in #266
- (build) GitHub workflow by @bmarwell in #271
- Updating maven-war-plugin to 3.3.1 by @coheigea in #274
- (build) delete .travis.yml by @bmarwell in #276
- (no-issue) remove invalid and unused imports leading to a compile error. by @bmarwell in #277
- (build) fix JDK 16/17 builds by @bmarwell in #278
- (build) jenkinsfile matrix build. by @bmarwell in #281
- [SHIRO-807] remove deprecated method signature by @bmarwell in #272
- (build) do not try to deploy on PRs. by @bmarwell in #283
- [SHIRO-811] fix toggling test through Mockito conversion. by @bmarwell in #282
- [SHIRO-811] isolate SecurityManagerTestSupport-based tests. by @bmarwell in #284
- [INFRA-21061] Adotp 'latest' aliases for AdoptOpenJDK.net JVMs. by @bmarwell in #291
- Bugfix, fixed Scanner issue by @pitjazz in #288
- [SHIRO-812] Key value separator in config is broken with escape char by @fpapon in #286
- [SHIRO-812] Remove splitKeyValue test by @fpapon in #292
- Fixed a bug, removed the boxing to long. by @pitjazz in #287
- [INFRA-21748] Rename Shiro master branch to main by @fpapon in #295
- Pr 297 to main by @bdemers in #298
- Fix typo in Guice quickstart by @bdemers in #294
- [SHIRO-804] - Avoid conflicts with spring boot aop by @seaswalker in #268
- [SHIRO-290] Implement BCrypt and Argon2 by @bmarwell in #280
- [SHIRO-819] Migrato to spring-boot-maven-plugin by @bmarwell in #304
- [SHIRO-818] Return other status codes for AuthorizationExceptions. by @bmarwell in #303
- [SHIRO-823] remove broken jaxrs sample project. by @bmarwell in #305
- [SHIRO-822] Update aspectj-maven-plugin. by @bmarwell in #306
- Combine Spring Boot starters (web and non-web) into single module by @bdemers in #293
- [SHIRO-817] Update
CommonsInterpolatordoc to reflect actual behavior by @weltonrodrigo in #302 - update setup-jdk / maven action. by @bmarwell in #301
- [SHIRO-825] Fixes "IllegalArgumentException: There is no configured chain under the name/key" by @zAlbee in #309
- Add note about reporting a vuln in the PR template by @bdemers in #312
- Upgrade to Apache pom 24 and make build reproductible by @fpapon in #313
- Configure new JIRA "issues" mailing list in asf.yaml by @bdemers in #307
- (build) update latest GA'd JDKs to 16. by @bmarwell in #300
- [SHIRO-806] remove deprecated DefaultLdapContextFactory in Shiro 2.0. by @bmarwell in #270
- [SHIRO-805] Spelling by @jsoref in #269
- [SHIRO-678] only query parameters for sessionID if found by @bmarwell in #317
- [SHIRO-216] Add @documented to Shiro annotations by @bdemers in #318
- [SHIRO-836] - Remove not used jsecurity-sample.jks file by @ThanoshanMV in #320
- [SHIRO-840] Java 17 support. by @bmarwell in #321
- [SHIRO-828] update aspectj-maven-plugin by @bmarwell in #323
- [SHIRO-838] create sha512 and sha3-512 hashes. by @bmarwell in #327
- [SHIRO-840] Use Java17 buildjob on Jenkins by @bmarwell in https://github.com/apache/shiro...
Contributors
khmarbaise, bdemers, and 41 other contributors
Assets 2
2.0.0-alpha-4
What's Changed
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.12.1 to 10.12.2 by @dependabot in #1023
- build(deps): bump org.yaml:snakeyaml from 2.0 to 2.1 by @dependabot in #1029
- build(deps-dev): bump arquillian.version from 1.7.0.Final to 1.7.1.Final by @dependabot in #1033
- build(deps): bump aspectj.version from 1.9.19 to 1.9.20 by @dependabot in #1032
- [#1010] deps: updated htmlunit to 3.5.0 by @lprimak in #1035
- build(deps): bump org.owasp:dependency-check-maven from 8.3.1 to 8.4.0 by @dependabot in #1036
- build(deps): bump com.hazelcast:hazelcast from 5.3.1 to 5.3.2 by @dependabot in #1037
- build(deps): bump mockito.version from 5.4.0 to 5.5.0 by @dependabot in #1039
- Fix the Maven Central badge by @marcelstoer in #1042
- build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #1046
- build(deps): bump spring-boot.version from 2.7.14 to 2.7.15 by @dependabot in #1044
- build(deps): bump jetty.version from 9.4.51.v20230217 to 9.4.52.v20230823 by @dependabot in #1052
- build(deps): bump org.yaml:snakeyaml from 2.1 to 2.2 by @dependabot in #1053
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.12.2 to 10.12.3 by @dependabot in #1054
- build(deps-dev): bump org.easymock:easymock from 5.1.0 to 5.2.0 by @dependabot in #1056
- build(deps-dev): bump com.flowlogix:flowlogix-jee from 5.5 to 5.5.1 by @dependabot in #1058
- #1048: Solved base64 problem with remember me cookie. by @JaapD in #1049
- build(deps): bump aspectj.version from 1.9.20 to 1.9.20.1 by @dependabot in #1060
- build(deps): bump slf4j.version from 2.0.7 to 2.0.9 by @dependabot in #1061
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.17.3 by @dependabot in #1062
- build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #1065
- build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #1066
- build(deps-dev): bump org.junit-pioneer:junit-pioneer from 2.0.1 to 2.1.0 by @dependabot in #1067
- build(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #1068
- build(deps): bump spring.version from 5.3.29 to 5.3.30 by @dependabot in #1070
- deps: bouncycastle update artifact by @lprimak in #1071
- build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.0 to 2.16.1 by @dependabot in #1073
- build(deps): bump org.projectlombok:lombok from 1.18.28 to 1.18.30 by @dependabot in #1074
- build(deps): bump actions/setup-java from 3.12.0 to 3.13.0 by @dependabot in #1076
- build(deps-dev): bump com.flowlogix:flowlogix-jee from 5.5.1 to 5.5.2 by @dependabot in #1082
- build(deps): bump spring-boot.version from 2.7.15 to 2.7.16 by @dependabot in #1081
- [#1079] - bugfix: make sure form resubmit cookie is secure by @lprimak in #1078
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.3 to 0.18.0 by @dependabot in #1083
- build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #1085
- build(deps): bump org.omnifaces:omnifaces from 3.14.3 to 3.14.4 by @dependabot in #1088
- build(deps): bump com.mycila:license-maven-plugin from 4.2 to 4.3 by @dependabot in #1089
- build(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.0 to 3.0.2 by @dependabot in #1095
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.0 to 0.18.1 by @dependabot in #1096
- [#1097] enh(build,ci,jdk): run on jdk 11, 17, and 21 by @lprimak in #1098
- build(deps): bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 by @dependabot in #1099
- build(deps): bump org.htmlunit:htmlunit from 3.5.0 to 3.6.0 by @dependabot in #1102
- [#1100] - bugfix(build): force AspectJ compilation every time, as it doesn't detect… by @lprimak in #1103
- [#1005] - Expand checkstyle to all modules (root). by @damonxue in #1069
- build(deps): bump mockito.version from 5.5.0 to 5.6.0 by @dependabot in #1104
- build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.8.2 to 3.9 by @dependabot in #1105
- bugfix: numerous spelling fixes in method names in form resubmit internals
- build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in #1108
- build(deps): bump bytebuddy.version from 1.14.8 to 1.14.9 by @dependabot in #1109
- build(deps): bump jetty.version from 9.4.52.v20230823 to 9.4.53.v20231009 by @dependabot in #1111
- build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by @dependabot in #1114
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #1115
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 by @dependabot in #1120
- enh: Compiles on JDK 21
- enh(jdk): run on jdk 11, 17, and 21
- build(deps): bump spring-boot.version from 2.7.16 to 2.7.17 by @dependabot in #1121
- build(deps): bump org.glassfish.jaxb:jaxb-runtime from 2.3.8 to 2.3.9 by @dependabot in #1127
- build(deps): bump com.hazelcast:hazelcast from 5.3.2 to 5.3.4 by @dependabot in #1128
- build(deps): bump org.jsoup:jsoup from 1.16.1 to 1.16.2 by @dependabot in #1129
- Remove dashboard-maven-plugin from build (Shiro 2.x) by @bdemers in #1132
- Fix naming of WebContainer Tests/IT (Shiro 2.x) by @bdemers in #1131
- build(deps): bump org.owasp:dependency-check-maven from 8.4.0 to 8.4.2 by @dependabot in #1133
- build(deps): bump com.hazelcast:hazelcast from 5.3.4 to 5.3.5 by @dependabot in #1135
- build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in #1136
- deps: update dependencies that dependabot missed (mostly Apache) by @lprimak in #1142
- build(deps): bump org.htmlunit:htmlunit from 3.6.0 to 3.7.0 by @dependabot in #1145
- [Test] Refactored test to use utility function to get annotation instead of array indexing by @wang3820 in #1149
- build(deps): bump mockito.version from 5.6.0 to 5.7.0 by @dependabot in #1150
- build(deps): bump junit.version from 5.10.0 to 5.10.1 by @dependabot in #1153
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.2 to 0.18.3 by @dependabot in #1154
- enh(jdk): run on jdk 11, 17, and 21
New Contributors
- @marcelstoer made their first contribution in #1042
- @JaapD made their first contribution in #1049
- @damonxue made their first contribution in #1069
- @wang3820 made their first contribution in #1149
Full Changelog: shiro-root-2.0.0-alpha-3...shiro-root-2.0.0-alpha-4
Contributors
bdemers, marcelstoer, and 5 other contributors
Assets 2
Apache Shiro 1.13.0
What's Changed
- build(deps): bump spring.version from 5.3.28 to 5.3.29 by @dependabot in #1008
- build(deps): bump spring-boot.version from 2.7.13 to 2.7.14 by @dependabot in #1017
- build(deps): bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre by @dependabot in #1024
- build(deps): bump org.owasp:dependency-check-maven from 8.3.1 to 8.4.0 by @dependabot in #1038
- build(deps-dev): bump org.mockito:mockito-core from 5.4.0 to 5.5.0 by @dependabot in #1041
- build(deps-dev): bump org.codehaus.groovy:groovy from 2.5.22 to 2.5.23 by @dependabot in #1040
- build(deps): bump spring-boot.version from 2.7.14 to 2.7.15 by @dependabot in #1047
- build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #1045
- build(deps): bump jetty.version from 9.4.51.v20230217 to 9.4.52.v20230823 by @dependabot in #1051
- build(deps-dev): bump org.easymock:easymock from 5.1.0 to 5.2.0 by @dependabot in #1055
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.17.3 by @dependabot in #1063
- build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #1064
- build(deps): bump spring.version from 5.3.29 to 5.3.30 by @dependabot in #1072
- build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.0 to 2.16.1 by @dependabot in #1075
- build(deps): bump spring-boot.version from 2.7.15 to 2.7.16 by @dependabot in #1080
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.3 to 0.18.0 by @dependabot in #1084
- build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #1087
- build(deps): bump com.mycila:license-maven-plugin from 4.2 to 4.3 by @dependabot in #1090
- build(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.0 to 3.0.2 by @dependabot in #1093
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.0 to 0.18.1 by @dependabot in #1094
- build(deps-dev): bump org.mockito:mockito-core from 5.5.0 to 5.6.0 by @dependabot in #1106
- build(deps): bump jetty.version from 9.4.52.v20230823 to 9.4.53.v20231009 by @dependabot in #1110
- build(deps): bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre by @dependabot in #1112
- build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by @dependabot in #1113
- build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #1116
- build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 by @dependabot in #1119
- Disable dependency convergence report by @bdemers in #933
- build(deps): bump spring-boot.version from 2.7.16 to 2.7.17 by @dependabot in #1122
- build(deps): bump jersey.version from 2.40 to 2.41 by @dependabot in #1130
- Fix naming of WebContainer Tests/IT by @bdemers in #1123
- Remove dashboard-maven-plugin from build by @bdemers in #1124
- build(deps): bump org.owasp:dependency-check-maven from 8.4.0 to 8.4.2 by @dependabot in #1134
- [#1138] Upgrade to Common-cli 1.6.0 by @fpapon in #1139
- Skipping tests while running release by @bdemers in #1137
- [#1140] Upgrade to Common-codec 1.16.0 by @fpapon in #1141
- [#1143] Upgrade to ASF pom parent 30 by @fpapon in #1144
- build(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1 by @dependabot in #1148
Full Changelog: shiro-root-1.12.0...shiro-root-1.13.0
Contributors
bdemers, fpapon, and dependabot
Assets 2
shiro-root-1.12.0
What's Changed
- Bump mockito-core from 4.9.0 to 5.0.0 by @dependabot in #645
- Bump dependency-check-maven from 7.4.1 to 8.0.0 by @dependabot in #646
- Bump htmlunit from 2.66.0 to 2.69.0 by @dependabot in #636
- Bump actions/checkout from 3.2.0 to 3.3.0 by @dependabot in #631
- Bump easymock from 5.0.1 to 5.1.0 by @dependabot in #628
- Bump versions-maven-plugin from 2.14.1 to 2.14.2 by @dependabot in #608
- Bump groovy from 2.5.18 to 2.5.20 by @dependabot in #607
- Bump maven-invoker-plugin from 3.2.2 to 3.4.0 by @dependabot in #605
- Bump maven-shade-plugin from 3.3.0 to 3.4.1 by @dependabot in #604
- Bump mrm-maven-plugin from 1.4.1 to 1.5.0 by @dependabot in #609
- Bump dependency-check-maven from 8.0.0 to 8.0.1 by @dependabot in #656
- Bump maven-surefire-report-plugin from 3.0.0-M7 to 3.0.0-M8 by @dependabot in #655
- Bump maven-surefire-plugin from 3.0.0-M7 to 3.0.0-M8 by @dependabot in #651
- Bump framework from 4.4.2 to 4.4.3 by @dependabot in #654
- Bump maven-pmd-plugin from 3.19.0 to 3.20.0 by @dependabot in #650
- Bump maven-project-info-reports-plugin from 3.4.1 to 3.4.2 by @dependabot in #649
- Bump htmlunit from 2.69.0 to 2.70.0 by @dependabot in #663
- Bump groovy from 2.5.20 to 2.5.21 by @dependabot in #662
- Bump meecrowave-core from 1.2.14 to 1.2.15 by @dependabot in #661
- Bump spring-boot.version from 2.7.7 to 2.7.8 by @dependabot in #660
- Bump maven-dependency-plugin from 3.4.0 to 3.5.0 by @dependabot in #652
- Bump maven-failsafe-plugin from 3.0.0-M7 to 3.0.0-M8 by @dependabot in #653
- Bump buildnumber-maven-plugin from 1.4 to 3.0.0 by @dependabot in #600
- Bump opensaml from 1.1 to 2.6.4 by @dependabot in #598
- Bump jersey-container-grizzly2-servlet from 2.23.2 to 2.38 by @dependabot in #602
- Bump spring.version from 5.3.23 to 5.3.25 by @dependabot in #693
- Bump jetty.version from 9.4.47.v20220610 to 9.4.50.v20221201 by @dependabot in #702
- Bump mockito-core from 5.0.0 to 5.1.0 by @dependabot in #703
- Bump dependency-check-maven from 8.0.1 to 8.0.2 by @dependabot in #704
- [SHIRO-849] Add cache module for JCache by @fpapon in #696
- Bump cache2k-jcache from 2.4.1.Final to 2.6.1.Final by @dependabot in #709
- Bump mockito-core from 5.1.0 to 5.1.1 by @dependabot in #710
- Bump maven-enforcer-plugin from 3.1.0 to 3.2.1 by @dependabot in #711
- Bump hibernate.version from 5.6.14.Final to 5.6.15.Final by @dependabot in #719
- Bump dependency-check-maven from 8.0.2 to 8.1.0 by @dependabot in #739
- Bump maven-surefire-plugin from 3.0.0-M8 to 3.0.0-M9 by @dependabot in #742
- Bump maven-failsafe-plugin from 3.0.0-M8 to 3.0.0-M9 by @dependabot in #741
- Bump maven-surefire-report-plugin from 3.0.0-M8 to 3.0.0-M9 by @dependabot in #740
- Bump maven-invoker-plugin from 3.4.0 to 3.5.0 by @dependabot in #745
- Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 by @dependabot in #744
- Bump jersey.version from 2.38 to 2.39 by @dependabot in #746
- Properly handle fluent setters by @leleuj in #753
- Bump versions-maven-plugin from 2.14.2 to 2.15.0 by @dependabot in #757
- Bump maven-assembly-plugin from 3.4.2 to 3.5.0 by @dependabot in #758
- Bump spring-boot.version from 2.7.8 to 2.7.9 by @dependabot in #756
- Bump maven-compiler-plugin from 3.10.1 to 3.11.0 by @dependabot in #765
- Bump jetty.version from 9.4.50.v20221201 to 9.4.51.v20230217 by @dependabot in #763
- Bump dependency-check-maven from 8.1.0 to 8.1.1 by @dependabot in #764
- Bump dependency-check-maven from 8.1.1 to 8.1.2 by @dependabot in #767
- Bump japicmp-maven-plugin from 0.17.1 to 0.17.2 by @dependabot in #769
- Bump resteasy.version from 3.15.3.Final to 3.15.6.Final by @dependabot in #770
- Bump mockito-core from 5.1.1 to 5.2.0 by @dependabot in #775
- Bump maven-failsafe-plugin from 3.0.0-M9 to 3.0.0 by @dependabot in #779
- Bump maven-surefire-plugin from 3.0.0-M9 to 3.0.0 by @dependabot in #780
- Bump maven-surefire-report-plugin from 3.0.0-M9 to 3.0.0 by @dependabot in #781
- Bump actions/checkout from 3.3.0 to 3.4.0 by @dependabot in #788
- Bump spring.version from 5.3.25 to 5.3.26 by @dependabot in #792
- Bump maven-release-plugin from 3.0.0-M7 to 3.0.0 by @dependabot in #793
- Bump dependency-check-maven from 8.1.2 to 8.2.0 by @dependabot in #797
- Bump spring-boot.version from 2.7.9 to 2.7.10 by @dependabot in #800
- Bump dependency-check-maven from 8.2.0 to 8.2.1 by @dependabot in #804
- Bump jersey.version from 2.39 to 2.39.1 by @dependabot in #803
- Bump actions/checkout from 3.4.0 to 3.5.0 by @dependabot in #807
- Bump maven-resources-plugin from 3.3.0 to 3.3.1 by @dependabot in #808
- Bump license-maven-plugin from 4.1 to 4.2 by @dependabot in #809
- Bump maven-scm-publish-plugin from 3.1.0 to 3.2.1 by @dependabot in #816
- Bump commons-configuration2 from 2.8.0 to 2.9.0 by @dependabot in #818
- Bump xmlsec from 2.1.4 to 3.0.2 by @dependabot in #820
- Bump groovy from 2.5.21 to 2.5.22 by @dependabot in #823
- Bump maven-invoker-plugin from 3.5.0 to 3.5.1 by @dependabot in #822
- Bump jacoco-maven-plugin from 0.8.8 to 0.8.9 by @dependabot in #826
- Bump maven-enforcer-plugin from 3.2.1 to 3.3.0 by @dependabot in #828
- build(deps): bump actions/checkout from 3.5.0 to 3.5.1 by @dependabot in #838
- build(deps-dev): bump mockito-core from 5.2.0 to 5.3.0 by @dependabot in #839
- build(deps): bump spring.version from 5.3.26 to 5.3.27 by @dependabot in #844
- build(deps): bump actions/checkout from 3.5.1 to 3.5.2 by @dependabot in #843
- build(deps): bump maven-project-info-reports-plugin from 3.4.2 to 3.4.3 by @dependabot in #846
- build(deps): bump spring-boot.version from 2.7.10 to 2.7.11 by @dependabot in #849
- build(deps-dev): bump mockito-core from 5.3.0 to 5.3.1 by @dependabot in #852
- build(deps): bump jacoco-maven-plugin from 0.8.9 to 0.8.10 by @dependabot in #856
- build(deps): bump maven-surefire-report-plugin from 3.0.0 to 3.1.0 by @dependabot in #865
- build(deps): bump maven-failsafe-plugin from 3.0.0 to 3.1.0 by @dependabot in #867
- build(deps): bump maven-surefire-plugin from 3.0.0 to 3.1.0 by @dependabot in #866
- build(deps): bump cxf.version from 3.5.5 to 3.6.0 by @dependabot in #871
- build(deps): bump build-helper-maven-plugin from 3.3.0 to 3.4.0 by @dependabot in #874
- build(deps): bump buildnumber-maven-plugin from 3.0.0 to 3.1.0 by @dependabot in #876
- build(deps): bump spring-boot.version from 2.7.11 to 2.7.12 by @dependabot in #880
- build(deps): bump gmavenplus-plugin from 2.1.0 to 3.0.0 by @dependabot in #883
- build(deps): bump guava from 31.1-jre to 32.0.0-jre by @dependabot in #889
- build(deps-dev): bump hsqldb from 2.7.1 to 2.7.2 by @dependabot in #893
- build(deps): bump versions-maven-plugin from 2.15.0 t...
Contributors
cstamas, lprimak, and 3 other contributors
Assets 2
shiro-root-1.11.0
shiro-root-1.11.0
This tag was signed with the committer’s verified signature.
bdemers
Brian Demers
What's Changed
- Bump mockito-core from 4.8.0 to 4.9.0 by @dependabot in #541
- [SHIRO-899] Added HttpSessionContext shim for Jakarta 9+ (1.11.x branch) by @lprimak in #555
- [SHIRO-899] moved the HttpSessionContext Jakarta shim into Shiro pack… (1.11.x) by @lprimak in #558
- [SHIRO-889] Provide Jakarta jar modules - Shiro 1.x by @lprimak in #566
- Bump dependency-check-maven from 7.2.1 to 7.4.1 by @dependabot in #564
- Bump spring-boot.version from 2.7.4 to 2.7.5 by @dependabot in #534
- Bump maven-surefire-report-plugin from 3.0.0-M5 to 3.0.0-M7 by @dependabot in #538
- Bump hibernate.version from 5.6.12.Final to 5.6.14.Final by @dependabot in #544
- Bump gmavenplus-plugin from 1.13.1 to 2.1.0 by @dependabot in #535
- Bump japicmp-maven-plugin from 0.16.0 to 0.17.1 by @dependabot in #581
- Bump maven-project-info-reports-plugin from 3.1.2 to 3.4.1 by @dependabot in #580
- Bump apache from 27 to 29 by @dependabot in #576
- Bump actions/checkout from 3.1.0 to 3.2.0 by @dependabot in #572
- Bump cxf.version from 3.5.3 to 3.5.5 by @dependabot in #578
- Bump framework from 4.4.1 to 4.4.2 by @dependabot in #594
- Bump maven-release-plugin from 3.0.0-M6 to 3.0.0-M7 by @dependabot in #589
- Bump versions-maven-plugin from 2.13.0 to 2.14.1 by @dependabot in #584
- Bump maven-dependency-plugin from 3.3.0 to 3.4.0 by @dependabot in #582
- Bump taglist-maven-plugin from 2.4 to 3.0.0 by @dependabot in #546
- update spring boot by @bdemers in #595
- [SHIRO-889] (1.11.x backport) Jakarta JAR for shiro-spring-boot-starter module by @lprimak in #633
- [SHIRO-899] moved the HttpSessionContext Jakarta shim into Shiro pack… by @lprimak in #637
Full Changelog: shiro-root-1.10.1...shiro-root-1.11.0
Contributors
bdemers, lprimak, and dependabot
Assets 2
shiro-root-1.10.1
What's Changed
- [SHIRO-894] Update EasyMock to 5.0.1 by @bmarwell in #506
- [SHIRO-895] Workaround Guice Java17 compat and run tests on 17. by @bmarwell in #507
- [SHIRO-893] - Fix NPE in ShiroFilter.init() by @julian-computes in #499
- [SHIRO-896] update hsqldb to 2.7.1 by @bmarwell in #516
- [BUILD] reduce build matrix by @bmarwell in #517
- Bump easymock from 4.3 to 5.0.1 by @dependabot in #514
- SHIRO-892 Ensure ShiroWebModules works with explicit bindings in with Guice by @bdemers in #519
- Bump htmlunit from 2.65.1 to 2.66.0 by @dependabot in #521
- Bump versions-maven-plugin from 2.12.0 to 2.13.0 by @dependabot in #512
New Contributors
- @julian-computes made their first contribution in #499
Full Changelog: shiro-root-1.10.0...shiro-root-1.10.1
Contributors
bdemers, bmarwell, and 2 other contributors
Assets 2
shiro-root-1.10.0
shiro-root-1.10.0
This tag was signed with the committer’s verified signature.
bdemers
Brian Demers
What's Changed
- Update Deps for 1.10.x by @bdemers in #373
- Bump maven-site-plugin from 3.7.1 to 3.12.1 by @dependabot in #413
- Bump build-helper-maven-plugin from 3.0.0 to 3.3.0 by @dependabot in #412
- Bump maven-javadoc-plugin from 3.3.1 to 3.4.1 by @dependabot in #401
- Bump exec-maven-plugin from 1.6.0 to 3.1.0 by @dependabot in #414
- Bump maven-assembly-plugin from 3.1.0 to 3.4.2 by @dependabot in #416
- Bump maven-jxr-plugin from 3.1.1 to 3.3.0 by @dependabot in #402
- Bump maven-compiler-plugin from 3.8.0 to 3.10.1 by @dependabot in #400
- Bump actions/cache from 2.1.6 to 3.0.10 by @dependabot in #377
- Bump jacoco-maven-plugin from 0.8.4 to 0.8.8 by @dependabot in #403
- Bump nexus-staging-maven-plugin from 1.6.8 to 1.6.13 by @dependabot in #390
- Bump maven-project-info-reports-plugin from 3.1.2 to 3.4.1 by @dependabot in #396
- Bump apache from 26 to 27 by @dependabot in #392
- Bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M7 by @dependabot in #420
- Bump maven-resources-plugin from 3.1.0 to 3.3.0 by @dependabot in #421
- Bump maven-bundle-plugin from 5.1.4 to 5.1.8 by @dependabot in #415
- Bump actions/setup-java from 2 to 3 by @dependabot in #379
- Bump hamcrest-core from 2.1 to 2.2 by @dependabot in #424
- Bump license-maven-plugin from 3.0 to 4.1 by @dependabot in #425
- Bump apache-rat-plugin from 0.13 to 0.15 by @dependabot in #423
- Bump mockito-core from 1.10.17 to 4.8.0 by @dependabot in #394
- Bump actions/checkout from 2 to 3.1.0 by @dependabot in #375
- Update OWASP dep check plugin and Karaf versions by @bdemers in #410
- [SHIRO-887] Do not trim passwords in FormAuthenticationFilter by @sebastianfrey in #369
- Bump maven-release-plugin from 3.0.0-M5 to 3.0.0-M6 by @dependabot in #450
- Bump maven-dependency-plugin from 3.1.1 to 3.3.0 by @dependabot in #453
- Bump resteasy.version from 3.9.0.Final to 3.15.3.Final by @dependabot in #452
- Bump japicmp-maven-plugin from 0.14.1 to 0.16.0 by @dependabot in #454
- Bump versions-maven-plugin from 2.7 to 2.12.0 by @dependabot in #457
- Bump jsp-api from 2.1 to 2.2 by @dependabot in #455
- Bump maven-enforcer-plugin from 3.0.0 to 3.1.0 by @dependabot in #460
- Bump maven-jar-plugin from 3.2.2 to 3.3.0 by @dependabot in #461
- Bump maven-scm-publish-plugin from 3.0.0 to 3.1.0 by @dependabot in #464
- Bump maven-failsafe-plugin from 3.0.0-M5 to 3.0.0-M7 by @dependabot in #463
- Bump maven-pmd-plugin from 3.12.0 to 3.19.0 by @dependabot in #456
- Bump mrm-maven-plugin from 1.1.0 to 1.4.1 by @dependabot in #458
- update guava 1 10 x by @bdemers in #471
- Revert: Bump maven-project-info-reports-plugin from 3.1.2 to 3.4.1 by @bdemers in #473
New Contributors
- @sebastianfrey made their first contribution in #369
Full Changelog: shiro-root-1.9.1...shiro-root-1.10.0
Contributors
bdemers, sebastianfrey, and dependabot
Assets 2
shiro-root-1.9.1
shiro-root-1.9.1
This tag was signed with the committer’s verified signature.
bdemers
Brian Demers
What's Changed
- SHIRO-872 fix Reproducible Builds issues by @hboutemy in #351
- Fix sporadic failures of AuthorizationFilterTest by @bdemers in #361
- Add branch 1.9.x to GH Actions build by @bdemers in #359
- shiro 19 bump deps by @bdemers in #363
- [SHIRO-882] Upgrade to apache pom parent 26 by @bdemers in #357
- Apply principalSuffix only when username does NOT already contain the suffix by @bdemers in #364
Full Changelog: shiro-root-1.9.0...shiro-root-1.9.1
Contributors
bdemers and hboutemy