Skip to content

Pull requests: spring-projects/spring-security

New pull request New
107 Open 4,944 Closed
107 Open 4,944 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Bump com.webauthn4j:webauthn4j-core from 0.29.7.RELEASE to 0.31.0.RELEASE type: dependency-upgrade A dependency upgrade
#18687 opened Feb 6, 2026 by dependabot bot Loading…
Bump com.nimbusds:oauth2-oidc-sdk from 11.26.1 to 11.32 type: dependency-upgrade A dependency upgrade
#18686 opened Feb 6, 2026 by dependabot bot Loading…
Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.6 to 0.0.11 type: dependency-upgrade A dependency upgrade
#18680 opened Feb 6, 2026 by dependabot bot Loading…
Fix OIDC prompt=none handling in AuthorizationEndpoint status: waiting-for-triage An issue we've not yet triaged
#18665 opened Feb 6, 2026 by suuuuuuminnnnnn Loading…
1
Fix deserializer for AuthenticationExtensionsClientOutputs status: waiting-for-triage An issue we've not yet triaged
#18644 opened Feb 5, 2026 by ziqin Loading…
1
Update Remember-Me example status: waiting-for-triage An issue we've not yet triaged
#18642 opened Feb 4, 2026 by ngocnhan-tran1996 Loading…
Fix typos in contributing guide in: docs An issue in Documentation or samples type: bug A general bug
#18635 opened Feb 3, 2026 by coehgns Loading…
@jzheaux
2
Add InetAddressMatcher in: web An issue in web modules (web, webmvc) type: enhancement A general enhancement
#18634 opened Feb 2, 2026 by rwinch Loading…
@rwinch
14
Change ActiveDirectoryLdapAuthenticationProvider to use LdapClient status: waiting-for-triage An issue we've not yet triaged
#18627 opened Feb 1, 2026 by therepanic Loading…
1
5
Add authenticationConverter to SpringOpaqueTokenIntrospector Builders status: waiting-for-triage An issue we've not yet triaged
#18625 opened Jan 31, 2026 by itsmevichu Loading…
1
Fix session concurrency for OAuth2/OIDC authentication in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
#18624 opened Jan 30, 2026 by Gautam-aman Loading…
3
Mark CsrfTokenRequestAttributeHandler#setCsrfRequestAttributeName as Nullable status: waiting-for-triage An issue we've not yet triaged
#18620 opened Jan 29, 2026 by therepanic Loading…
1
docs: Update inner link about CSRF in FAQ status: waiting-for-triage An issue we've not yet triaged
#18616 opened Jan 29, 2026 by ghusta Loading…
Fail spring-security-docs on javadoc warnings in: build An issue in the build in: docs An issue in Documentation or samples type: enhancement A general enhancement
#18613 opened Jan 28, 2026 by ngocnhan-tran1996 Loading… 7.1.0-M2
1
@rwinch
2
Support single-line PEM encoded RSA keys in RsaKeyConverters status: waiting-for-triage An issue we've not yet triaged
#18599 opened Jan 27, 2026 by earlgrey02 Loading…
Bump io.mockk:mockk from 1.14.7 to 1.14.9 type: dependency-upgrade A dependency upgrade
#18598 opened Jan 27, 2026 by dependabot bot Loading…
Fix compile warnings for spring-security-config in: build An issue in the build in: config An issue in spring-security-config status: feedback-provided Feedback has been provided type: enhancement A general enhancement
#18596 opened Jan 26, 2026 by 023-dev Loading… 7.1.0-M2
1
@rwinch
5
Fix compile warning in spring-security-test in: build An issue in the build in: test An issue in spring-security-test type: enhancement A general enhancement
#18593 opened Jan 26, 2026 by kmw10693 Loading… 7.1.0-M2
@rwinch
2
Lazily instantiate default components in WebAuthnConfigurer status: waiting-for-triage An issue we've not yet triaged
#18586 opened Jan 25, 2026 by ryujungkyun Loading…
Clarify behavior when multiple CorsConfigurationSource beans are present status: waiting-for-triage An issue we've not yet triaged
#18584 opened Jan 25, 2026 by mjkang4416 Loading…
1
Gh 18561 fix jackson date override status: waiting-for-triage An issue we've not yet triaged
#18582 opened Jan 25, 2026 by Khyojae Loading…
1
Fix gh-18565: Support consent for clients with no registered scopes status: waiting-for-triage An issue we've not yet triaged
#18574 opened Jan 25, 2026 by ryujungkyun Loading…
Clarify need for method attribute in JSP authorize tag status: waiting-for-triage An issue we've not yet triaged
#18566 opened Jan 24, 2026 by Hann244 Loading…
1
fix: replace hard-coded JWKS timeouts status: waiting-for-triage An issue we've not yet triaged
#18563 opened Jan 23, 2026 by knoobie Loading…
Deprecate BCrypt.gensalt() without SecureRandom parameter status: waiting-for-triage An issue we've not yet triaged
#18560 opened Jan 22, 2026 by lreowy Loading…
1
ProTip! Follow long discussions with comments:>50.