build(deps): bump versions.springSecurityVersion from 5.8.12 to 5.8.13

[dependabot]

Bumps versions.springSecurityVersion from 5.8.12 to 5.8.13.
Updates org.springframework.security:spring-security-config from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-config's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-core from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-core's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-ldap from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-ldap's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-taglibs from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-taglibs's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-test from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-test's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Updates org.springframework.security:spring-security-web from 5.8.12 to 5.8.13

Release notes

Sourced from org.springframework.security:spring-security-web's releases.

5.8.13

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #14779
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14837
• Improve PasswordEncoder Error Messaging #14951
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14880
• Mention all required dependencies in LDAP documentation #15235
• Remove useBase64 parameter #14862

🪲 Bug Fixes

• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #13849
• Always Use Request-Level ServletContext to Evaluate Request Matcher Paths #15195
• Assert WebSession is not null #14977
• Conditionally Add Conventions Plugin #15152
• DispatcherServletDelegatingRequestMatcher causes errors when there is more than one ServletContext #14418
• Fix Java example in multitenanci.adoc #15146
• LDIF file on official documentation breaks the startup process #15089
• Link to article with remember-me-persistent-token strategy is broken #14358
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14931
• Resolving invalid CSRF token values is not consistent #15184
• Restore Build Scan Capability #15120
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14855

🔨 Dependency Upgrades

• Bump io.projectreactor.netty:reactor-netty from 1.0.44 to 1.0.45 #15074
• Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46 #15231
• Bump io.projectreactor.tools:blockhound from 1.0.8.RELEASE to 1.0.9.RELEASE #14923
• Bump io.projectreactor:reactor-bom from 2020.0.43 to 2020.0.44 #15073
• Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45 #15230
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15191
• Bump org.springframework:spring-framework-bom from 5.3.34 to 5.3.35 #15085
• Bump org.springframework:spring-framework-bom from 5.3.35 to 5.3.36 #15135
• Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37 #15253
• Bump slackapi/slack-github-action from 1.25.0 to 1.26.0 #14938

🔩 Build Updates

• Attach Antora Docs to Pull Requests #14992
• Bump @antora/collector-extension from 1.0.0-alpha.3 to 1.0.0-alpha.4 in /docs #15160
• Bump @springio/antora-extensions from 1.10.0 to 1.11.1 in /docs #15140
• Bump com.github.spullara.mustache.java:compiler from 0.9.11 to 0.9.13 #15001
• Bump com.gradle.develocity from 3.17.2 to 3.17.4 #15099
• Bump com.gradle.develocity from 3.17.4 to 3.17.5 #15240
• Bump io.spring.ge.conventions from 0.0.16 to 0.0.17 #14959
• Consider Adding a Build Updates section to the release changelog #14485
• Migrate to com.gradle.develocity plugin #15021
• Update Gradle Enterprise plugin to 3.17.2 #15020

... (truncated)

Commits

• 20332fe Release 5.8.13
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 254709c Bump com.gradle.develocity from 3.17.4 to 3.17.5
• e9c1b7b Bump io.projectreactor:reactor-bom from 2020.0.44 to 2020.0.45
• 2b322da Bump io.projectreactor.netty:reactor-netty from 1.0.45 to 1.0.46
• 6aabd76 Pick MvcRequestMatcher for MockMvc requests
• cdd6266 Use Request-Level Servlet Context
• 5a798e9 Polish MVC Tests
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
org.springframework.security:spring-security-config	[>= 6.a, < 7]
org.springframework.security:spring-security-core	[>= 6.a, < 7]
org.springframework.security:spring-security-ldap	[>= 6.a, < 7]
org.springframework.security:spring-security-taglibs	[>= 6.a, < 7]
org.springframework.security:spring-security-test	[>= 6.a, < 7]
org.springframework.security:spring-security-web	[>= 6.a, < 7]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cf-gitbot]

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/187808518

The labels on this github issue will be updated when the story is started.