Bump spring-security version to 5.7.12 (fixes #10611) #10612
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
somehow something in the build already drags this version, and we end up with two conflicting versions of spring-security in the war which results in at least failure to authenticate with basic auth.
|
Thank you so much @landryb for your contribution. I think we will have to do the same on geostore. Anyway we will evaluate soon a migration to v6, I think. |
|
@landryb I saw the mismatch between be and fe. thank you for reporting. |
tdipisa
added
the
BackportNeeded
tdipisa
approved these changes
Oct 11, 2024
tdipisa
pushed a commit
that referenced
this pull request
Oct 11, 2024
12 tasks
tdipisa
removed
the
BackportNeeded
1 task
offtherailz
pushed a commit
that referenced
this pull request
Oct 11, 2024
jnewmoyer
pushed a commit
to ngsllc/MapStore2
that referenced
this pull request
Oct 17, 2024
* Update Changelog for version 2024.02.00 (geosolutions-it#10602) Co-authored-by: github-actions <github-actions@github.com> * Bump commons-io:commons-io from 2.7 to 2.14.0 (geosolutions-it#10593) * Removed react-confirm-button unused dependency (geosolutions-it#10495) * Update release_steps.md (geosolutions-it#10568) * Remove istambul loader (geosolutions-it#10491) * Attempt to remove instambul loader * removed also package dependency * Apply suggestions from code review clean * Remove jsonpath (geosolutions-it#10494) jsonpath is not needed. It is a dependency of geosolutions-it/patcher actually. Having this dependency here is only confusing for dependency analyisis * Fix geosolutions-it#10595 add missing 'FORMAT' parameter to WMTS GetFeatureInfo requests (geosolutions-it#10596) * add missing 'FORMAT' parameter to WMTS GetFeatureInfo requests this is required by the WMTS spec to be the same format as would be used for a GetTile request, and this allows GFI requests to succeed on https://data.geopf.fr/wmts. * fix mapinfo wmts utils test * Fix geosolutions-it#10505 Allow to specify use of proxy or cors at layer level (geosolutions-it#10526) * fix: remove ui element for force proxy and Allow not secure layers * fix: ajax logic changed, autoDetectCORS is set to true by default * new central CORS util file created and used in ajax * checking CORS before adding in common layer file * null check on getProxyUrl * updated individual layer considring to use proxy if needed * avoid proxy cache to update if response is not okey * enable user to add http url, show warning instead of error, warning text updated * test cases updated * fix: resolve conflicts with url check * fixed the failed test * review cesium layers * include add method in model layer * improve http check for openlayers wms layer * fix tests --------- Co-authored-by: allyoucanmap <stefano.bovio@geosolutionsgroup.com> * Update openId.md (geosolutions-it#10610) * Bump spring-security version to 5.7.12 (fixes geosolutions-it#10611) (geosolutions-it#10612) somehow something in the build already drags this version, and we end up with two conflicting versions of spring-security in the war which results in at least failure to authenticate with basic auth. * Visibility limits - The resolution option is not retained as Limits type geosolutions-it#10391 (geosolutions-it#10598) * Add lib check release step (geosolutions-it#10614) * geosolutions-it#4675 Remove unused code (geosolutions-it#10442) * geosolutions-it#4675 Remove unused code * remove additional code from review * fix tests folder * remove additional unused files * geosolutions-it#10545: Option to disable identify popup in case of no results (geosolutions-it#10557) * geosolutions-it#10545: Option to disable identify popup in case of no results Description: - handle adding an option called 'hidePopupIfNoResults' to hide the identify popup - add unit tests - add jsdoc * geosolutions-it#10545: Option to disable identify popup in case of no results Description: - revert changes in popupSupport files for ol and leaflet + related tests files - handle hide popup for map viewer with css for openlayers and leaflet approach - add unit tests - edit map-popup.less file to handle hide the popup * geosolutions-it#10545: revert unnecessary changes * Fix geosolutions-it#10615 removed eval from marker utils (geosolutions-it#10616) * geosolutions-it#10545: remove marker in case no results + hover identify mode active and hideEmptyPopupOption with true (geosolutions-it#10619) --------- Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lorenzo Natali <lorenzo.natali@geosolutionsgroup.com> Co-authored-by: Landry Breuil <landryb@users.noreply.github.com> Co-authored-by: RowHeat <40065760+rowheat02@users.noreply.github.com> Co-authored-by: allyoucanmap <stefano.bovio@geosolutionsgroup.com> Co-authored-by: mahmoud adel <58145645+mahmoudadel54@users.noreply.github.com> Co-authored-by: Matteo V. <matteo.velludini@geosolutionsgroup.com>
offtherailz
pushed a commit
that referenced
this pull request
Oct 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
somehow something in the build already drags this version, and we end up with two conflicting versions of spring-security in the war which results in at least failure to authenticate with basic auth.
Description
Please check if the PR fulfills these requirements
What kind of change does this PR introduce? (check one with "x", remove the others)
Issue
What is the current behavior?
#10611
What is the new behavior?
auth succeeds, because there's now only one version of spring-security jars in the war
Breaking change
Does this PR introduce a breaking change? (check one with "x", remove the other)
Other useful information