Bump org.springframework.security:spring-security-bom from 6.2.4 to 6.2.5

[dependabot]

Bumps org.springframework.security:spring-security-bom from 6.2.4 to 6.2.5.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.2.5

⭐ New Features

• doc: added hint to declare GrantedAuthorityDefaults as infrastructure bean #15063
• Enhance Logging in RequestMatcherDelegatingAuthorizationManage #14922
• InMemoryUserDetailsManager: consider improving the error message when no PasswordEncoding has been specified #14974
• Mention all required dependencies in LDAP documentation #15244

🪲 Bug Fixes

• Assert WebSession is not null #15178
• AbstractRequestMatcherRegistry#requestMatchers should pick MvcRequestMatcher when using MockMvc #15210
• DispatcherServletDelegatingRequestMatcher causes errors when running tests with MockMvc #15196
• Fix Java example in multitenanci.adoc #15150
• Incorrect documentation for OIDC Back-Channel Logout #15198
• InMemoryUserDetailsManager Setting User Roles in Official Documentation Example Causes Error #14972
• LDIF file on official documentation breaks the startup process #15166
• Link to article with remember-me-persistent-token strategy is broken #15148
• OIDC Logout section is not shown in the navbar #15112
• OpenSaml4AssertionValidator is not respecting clock skew settings #15022
• ProxyRestrictionConditionValidator is missing in the OpenSaml4AuthenticationProvider.SAML20AssertionValidators class #14958
• Resolving invalid CSRF token values is not consistent #15185
• spring-security/docs/modules/ROOT/pages/servlet/authorization /method-security #15045
• Wrong information for RequestCacheAwareFilter in the Spring Security documentation. #14995

🔨 Dependency Upgrades

• Bump com.fasterxml.jackson:jackson-bom from 2.17.0 to 2.17.1 #15011
• Bump io.micrometer:micrometer-observation from 1.12.5 to 1.12.6 #15069
• Bump io.micrometer:micrometer-observation from 1.12.6 to 1.12.7 #15224
• Bump io.mockk:mockk from 1.13.10 to 1.13.11 #15079
• Bump io.projectreactor:reactor-bom from 2023.0.5 to 2023.0.6 #15075
• Bump io.projectreactor:reactor-bom from 2023.0.6 to 2023.0.7 #15232
• Bump org-apache-maven-resolver from 1.9.18 to 1.9.19 #14939
• Bump org-apache-maven-resolver from 1.9.19 to 1.9.20 #15031
• Bump org-aspectj from 1.9.22 to 1.9.22.1 #15049
• Bump org-eclipse-jetty from 11.0.20 to 11.0.21 #15080
• Bump org.apache.maven:maven-resolver-provider from 3.9.6 to 3.9.7 #15170
• Bump org.hibernate.orm:hibernate-core from 6.4.4.Final to 6.4.5.Final #14949
• Bump org.hibernate.orm:hibernate-core from 6.4.5.Final to 6.4.6.Final #14953
• Bump org.hibernate.orm:hibernate-core from 6.4.6.Final to 6.4.7.Final #14960
• Bump org.hibernate.orm:hibernate-core from 6.4.7.Final to 6.4.8.Final #14981
• Bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 #15192
• Bump org.jetbrains.kotlin:kotlin-bom from 1.9.23 to 1.9.24 #15024
• Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.23 to 1.9.24 #15023
• Bump org.opensaml:opensaml-core4 from 4.3.1 to 4.3.2 #14947
• Bump org.springframework.data:spring-data-bom from 2023.1.5 to 2023.1.6 #15101
• Bump org.springframework.data:spring-data-bom from 2023.1.6 to 2023.1.7 #15262
• Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4 #15248
• Bump org.springframework:spring-framework-bom from 6.1.6 to 6.1.7 #15081

... (truncated)

Commits

• 2966a72 Release 6.2.5
• 2a6f6ec Bump org.springframework.data:spring-data-bom from 2023.1.6 to 2023.1.7
• 73e2e75 Merge branch '5.8.x' into 6.2.x
• 2537a03 Bump org.springframework:spring-framework-bom from 5.3.36 to 5.3.37
• 79c8eb3 Bump org.springframework:spring-framework-bom from 6.1.8 to 6.1.9
• 3d9df37 Bump org.springframework.ldap:spring-ldap-core from 3.2.3 to 3.2.4
• e417714 Merge branch '5.8.x' into 6.2.x
• f622d8e Polish gh-15235
• 92cab2b Add 'Required Dependencies' section in ldap.adoc file
• 0913903 Bump com.gradle.develocity from 3.17.4 to 3.17.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)