From 73d419cb39c0df9f2965ea68d094dce84c298528 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 24 Aug 2025 21:16:57 +0100
Subject: [PATCH] build(deps): bump springSecuritySamlVersion from 6.5.2 to
 6.5.3 (#4227)

Bumps `springSecuritySamlVersion` from 6.5.2 to 6.5.3.
Updates `org.springframework.security:spring-security-core` from 6.5.2
to 6.5.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-core's
releases</a>.</em></p>
<blockquote>
<h2>6.5.3</h2>
<h2>:star: New Features</h2>
<ul>
<li>Add META-INF/LICENSE.txt to published jars <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17639">#17639</a></li>
<li>Update Angular documentation links in csrf.adoc <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17653">#17653</a></li>
<li>Update Shibboleth Repository URL <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17637">#17637</a></li>
<li>Use 2004-present Copyright <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17634">#17634</a></li>
</ul>
<h2>:beetle: Bug Fixes</h2>
<ul>
<li>Add Missing Navigation in Preparing for 7.0 Guide <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17731">#17731</a></li>
<li>DPoP authentication throws JwtDecoderFactory ClassNotFoundException
<a
href="https://redirect.github.com/spring-projects/spring-security/issues/17249">#17249</a></li>
<li>OpenSamlAssertingPartyDetails Should Be Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17727">#17727</a></li>
<li>Use final values in equals and hashCode <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17621">#17621</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17739">#17739</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17690">#17690</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17684">#17684</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17661">#17661</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17615">#17615</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17599">#17599</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17737">#17737</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17701">#17701</a></li>
<li>Bump io.mockk:mockk from 1.14.4 to 1.14.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17614">#17614</a></li>
<li>Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17647">#17647</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to
1.0.11 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17733">#17733</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to
1.0.11 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17711">#17711</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to
1.0.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17612">#17612</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to
1.0.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17598">#17598</a></li>
<li>Bump org-eclipse-jetty from 11.0.25 to 11.0.26 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17742">#17742</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17613">#17613</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17595">#17595</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17760">#17760</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17692">#17692</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17683">#17683</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17671">#17671</a></li>
<li>Bump org.gretty:gretty from 4.1.6 to 4.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17616">#17616</a></li>
<li>Bump org.gretty:gretty from 4.1.6 to 4.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17597">#17597</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to
6.6.23.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17646">#17646</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.24.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17660">#17660</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.25.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17694">#17694</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.25.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17685">#17685</a></li>
<li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.34.1 to
4.34.2 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17650">#17650</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.7 to
2024.1.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17645">#17645</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17757">#17757</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17651">#17651</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17596">#17596</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17735">#17735</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/44037c0ea4103dc599a84c0772f65c3aa4b6225f"><code>44037c0</code></a>
Release 6.5.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9909dc615a59baead33ff050ff2825a73426268f"><code>9909dc6</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/525601ea6782a49ae3fa66b4af98a3006dfce519"><code>525601e</code></a>
Fix version 6.4.9-SNAPSHOT</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/15a4d0d6279496c4f7f977cf1b1e616a1d6b31e2"><code>15a4d0d</code></a>
Fix version=6.5.3-SNAPSHOT</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/80b1a308abb4e32213c3e8671d50cbfa153a0d0a"><code>80b1a30</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/644f7802d8bf21043286088a1c8cb28738fa3ebb"><code>644f780</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to
3.2.14</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/a26d6fccb049576a2c438485aed535d60dcdcc0b"><code>a26d6fc</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.8 to
2024.1.9</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/74735a1a80efb9b6e907e7fe4780d58ae72ee911"><code>74735a1</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.26.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/82a16d791776e7a8bb8e0efaaa3c5677aa6645c1"><code>82a16d7</code></a>
Bump org.assertj:assertj-core from 3.27.3 to 3.27.4</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c1869c1db9105b8feb82f2128077376a606ead01"><code>c1869c1</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.26.Final</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.5.2...6.5.3">compare
view</a></li>
</ul>
</details>
<br />

Updates
`org.springframework.security:spring-security-saml2-service-provider`
from 6.5.2 to 6.5.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-security/releases">org.springframework.security:spring-security-saml2-service-provider's
releases</a>.</em></p>
<blockquote>
<h2>6.5.3</h2>
<h2>:star: New Features</h2>
<ul>
<li>Add META-INF/LICENSE.txt to published jars <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17639">#17639</a></li>
<li>Update Angular documentation links in csrf.adoc <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17653">#17653</a></li>
<li>Update Shibboleth Repository URL <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17637">#17637</a></li>
<li>Use 2004-present Copyright <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17634">#17634</a></li>
</ul>
<h2>:beetle: Bug Fixes</h2>
<ul>
<li>Add Missing Navigation in Preparing for 7.0 Guide <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17731">#17731</a></li>
<li>DPoP authentication throws JwtDecoderFactory ClassNotFoundException
<a
href="https://redirect.github.com/spring-projects/spring-security/issues/17249">#17249</a></li>
<li>OpenSamlAssertingPartyDetails Should Be Serializable <a
href="https://redirect.github.com/spring-projects/spring-security/issues/17727">#17727</a></li>
<li>Use final values in equals and hashCode <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17621">#17621</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17739">#17739</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17690">#17690</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17684">#17684</a></li>
<li>Bump com.webauthn4j:webauthn4j-core from 0.29.4.RELEASE to
0.29.5.RELEASE <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17661">#17661</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17615">#17615</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.8 to 1.14.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17599">#17599</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17737">#17737</a></li>
<li>Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17701">#17701</a></li>
<li>Bump io.mockk:mockk from 1.14.4 to 1.14.5 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17614">#17614</a></li>
<li>Bump io.spring.develocity.conventions from 0.0.23 to 0.0.24 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17647">#17647</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to
1.0.11 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17733">#17733</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.10 to
1.0.11 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17711">#17711</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to
1.0.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17612">#17612</a></li>
<li>Bump io.spring.gradle:spring-security-release-plugin from 1.0.6 to
1.0.10 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17598">#17598</a></li>
<li>Bump org-eclipse-jetty from 11.0.25 to 11.0.26 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17742">#17742</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17613">#17613</a></li>
<li>Bump org.apache.maven:maven-resolver-provider from 3.9.10 to 3.9.11
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17595">#17595</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17760">#17760</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17692">#17692</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17683">#17683</a></li>
<li>Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17671">#17671</a></li>
<li>Bump org.gretty:gretty from 4.1.6 to 4.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17616">#17616</a></li>
<li>Bump org.gretty:gretty from 4.1.6 to 4.1.7 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17597">#17597</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.20.Final to
6.6.23.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17646">#17646</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.24.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17660">#17660</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.25.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17694">#17694</a></li>
<li>Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.25.Final <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17685">#17685</a></li>
<li>Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.34.1 to
4.34.2 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17650">#17650</a></li>
<li>Bump org.springframework.data:spring-data-bom from 2024.1.7 to
2024.1.8 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17645">#17645</a></li>
<li>Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to 3.2.14
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17757">#17757</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17651">#17651</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.8 to 6.2.9 <a
href="https://redirect.github.com/spring-projects/spring-security/pull/17596">#17596</a></li>
<li>Bump org.springframework:spring-framework-bom from 6.2.9 to 6.2.10
<a
href="https://redirect.github.com/spring-projects/spring-security/pull/17735">#17735</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-security/commit/44037c0ea4103dc599a84c0772f65c3aa4b6225f"><code>44037c0</code></a>
Release 6.5.3</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/9909dc615a59baead33ff050ff2825a73426268f"><code>9909dc6</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/525601ea6782a49ae3fa66b4af98a3006dfce519"><code>525601e</code></a>
Fix version 6.4.9-SNAPSHOT</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/15a4d0d6279496c4f7f977cf1b1e616a1d6b31e2"><code>15a4d0d</code></a>
Fix version=6.5.3-SNAPSHOT</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/80b1a308abb4e32213c3e8671d50cbfa153a0d0a"><code>80b1a30</code></a>
Merge branch '6.4.x' into 6.5.x</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/644f7802d8bf21043286088a1c8cb28738fa3ebb"><code>644f780</code></a>
Bump org.springframework.ldap:spring-ldap-core from 3.2.13 to
3.2.14</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/a26d6fccb049576a2c438485aed535d60dcdcc0b"><code>a26d6fc</code></a>
Bump org.springframework.data:spring-data-bom from 2024.1.8 to
2024.1.9</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/74735a1a80efb9b6e907e7fe4780d58ae72ee911"><code>74735a1</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.26.Final</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/82a16d791776e7a8bb8e0efaaa3c5677aa6645c1"><code>82a16d7</code></a>
Bump org.assertj:assertj-core from 3.27.3 to 3.27.4</li>
<li><a
href="https://github.com/spring-projects/spring-security/commit/c1869c1db9105b8feb82f2128077376a606ead01"><code>c1869c1</code></a>
Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to
6.6.26.Final</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-security/compare/6.5.2...6.5.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 5c6893cdf..4016c2bc6 100644
--- a/build.gradle
+++ b/build.gradle
@@ -26,7 +26,7 @@ ext {
     imageioVersion = "3.12.0"
     lombokVersion = "1.18.38"
     bouncycastleVersion = "1.81"
-    springSecuritySamlVersion = "6.5.2"
+    springSecuritySamlVersion = "6.5.3"
     openSamlVersion = "4.3.2"
     commonmarkVersion = "0.25.1"
     googleJavaFormatVersion = "1.28.0"