Bump org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10 #1229

dependabot · 2025-09-16T03:19:06Z

Bumps org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

6.4.10

🪲 Bug Fixes

Annonation Scanning Should Fallback to Object when Parameter Matching #17898

Fix traceId discrepancy in case error in servlet web #17134

Reference should advise avoiding post-authorization on writes #17797

Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests #17869

🔨 Dependency Upgrades

Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17792

Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17778

Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.10 #17769

Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17892

Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11 #17857

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17777

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17768

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.26.Final #17755

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17851

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.28.Final #17835

Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final #17890

Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10 #17891

Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17889

Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11 #17877

Update to nimbus-jose-jwt:9.37.4 #17875

❤️ Contributors

Thank you to all the contributors who worked on this release:

@nkonev

Commits

d2179e0 Release 6.4.10
e5694ac Fallback to Object When Determining Overridden Methods
9de0aad Allow patch version updates for nimbus-jose-jwt
7293fc0 Update to nimbus-jose-jwt:9.37.4
ed3ed28 Bump org.springframework:spring-framework-bom from 6.2.10 to 6.2.11
704a324 Bump org.hibernate.orm:hibernate-core from 6.6.23.Final to 6.6.29.Final
0fc884f Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10
6162e71 Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11
627de76 Bump io.micrometer:micrometer-observation from 1.14.9 to 1.14.11
5d55c8d Bump org.springframework.data:spring-data-bom from 2024.1.9 to 2024.1.10
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.springframework.security:spring-security-bom](https://github.com/spring-projects/spring-security) from 6.4.9 to 6.4.10. - [Release notes](https://github.com/spring-projects/spring-security/releases) - [Changelog](https://github.com/spring-projects/spring-security/blob/main/RELEASE.adoc) - [Commits](spring-projects/spring-security@6.4.9...6.4.10) --- updated-dependencies: - dependency-name: org.springframework.security:spring-security-bom dependency-version: 6.4.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-09-18T03:45:39Z

Superseded by #1232.

dependabot bot added this to the 3.3.x milestone Sep 16, 2025

dependabot bot added in: build type: dependency-upgrade A dependency upgrade labels Sep 16, 2025

dependabot bot closed this Sep 18, 2025

dependabot bot deleted the dependabot/gradle/3.3.x/org.springframework.security-spring-security-bom-6.4.10 branch September 18, 2025 03:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10 #1229

Bump org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10 #1229

Uh oh!

dependabot bot commented on behalf of github Sep 16, 2025

Uh oh!

dependabot bot commented on behalf of github Sep 18, 2025

Uh oh!

Uh oh!

Bump org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10 #1229

Bump org.springframework.security:spring-security-bom from 6.4.9 to 6.4.10 #1229

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 16, 2025

6.4.10

🪲 Bug Fixes

🔨 Dependency Upgrades

❤️ Contributors

Uh oh!

dependabot bot commented on behalf of github Sep 18, 2025

Uh oh!

Uh oh!