Update vendir https://github.com/cloudfoundry/uaa to v76.31.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
https://github.com/cloudfoundry/uaa	GitSource	minor	v76.3.0 -> v76.31.0

---

Release Notes

cloudfoundry/uaa (https://github.com/cloudfoundry/uaa)

v76.31.0: 76.31.0

Compare Source

What's Changed

• Dependabot cleanup by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2669
• Refactor: remove spring security jwt and use nimbus jose by @​strehle in https://github.com/cloudfoundry/uaa/pull/2624
• Post jwt token library refactoring by @​strehle in https://github.com/cloudfoundry/uaa/pull/2679
• remove spring-security-jwt license statement by @​strehle in https://github.com/cloudfoundry/uaa/pull/2678
• minor: add maxUsers to sample configuration by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2680

Dependency Bumps

• build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2684
• build(deps): bump github.com/onsi/gomega from 1.30.0 to 1.31.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2682

Full Changelog: cloudfoundry/uaa@v76.30.0...v76.31.0

v76.31.0: 76.31.0

Compare Source

What's Changed

• Dependabot cleanup by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2669
• Refactor: remove spring security jwt and use nimbus jose by @​strehle in https://github.com/cloudfoundry/uaa/pull/2624
• Post jwt token library refactoring by @​strehle in https://github.com/cloudfoundry/uaa/pull/2679
• remove spring-security-jwt license statement by @​strehle in https://github.com/cloudfoundry/uaa/pull/2678
• minor: add maxUsers to sample configuration by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2680

Dependency Bumps

• build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2684
• build(deps): bump github.com/onsi/gomega from 1.30.0 to 1.31.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2682

Full Changelog: cloudfoundry/uaa@v76.30.0...v76.31.0

v76.30.0: 76.30.0

Compare Source

What's Changed

• refactor jackson dependency setting by @​strehle in https://github.com/cloudfoundry/uaa/pull/2656
• build(deps): bump versions.jacksonVersion from 2.16.0 to 2.16.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2657
• Limit user creation in zone by @​strehle in https://github.com/cloudfoundry/uaa/pull/2618
• refactor spring version dependency by @​strehle in https://github.com/cloudfoundry/uaa/pull/2659
• upgrade spring security version 5.8.9 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2660
• More page objects - @​Before and testSimpleSamlLoginWithAddShadowUserOnLoginFalse() by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2655
• fix: Running a command that does not exist in the docker container by @​hsinn0 in https://github.com/cloudfoundry/uaa/pull/2672

Dependency Bumps

• renovate: update dependency nokogiri to '~> 1.16.0' by @​strehle in https://github.com/cloudfoundry/uaa/pull/2666
• build(deps): bump versions.braveVersion from 5.17.0 to 5.17.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2665
• build(deps): bump versions.braveVersion from 5.17.1 to 5.18.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2668
• build(deps): bump versions.braveVersion from 5.18.1 to 6.0.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2670
• build(deps): bump versions.tomcatCargoVersion from 9.0.84 to 9.0.85 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2674
• update ruby version by @​strehle in https://github.com/cloudfoundry/uaa/pull/2667
• Setup latest stable go runtime for codeql and bump go to 1.21.6 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2677

Full Changelog: cloudfoundry/uaa@v76.29.0...v76.30.0

v76.30.0: 76.30.0

Compare Source

What's Changed

• refactor jackson dependency setting by @​strehle in https://github.com/cloudfoundry/uaa/pull/2656
• build(deps): bump versions.jacksonVersion from 2.16.0 to 2.16.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2657
• Limit user creation in zone by @​strehle in https://github.com/cloudfoundry/uaa/pull/2618
• refactor spring version dependency by @​strehle in https://github.com/cloudfoundry/uaa/pull/2659
• upgrade spring security version 5.8.9 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2660
• More page objects - @​Before and testSimpleSamlLoginWithAddShadowUserOnLoginFalse() by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2655
• fix: Running a command that does not exist in the docker container by @​hsinn0 in https://github.com/cloudfoundry/uaa/pull/2672

Dependency Bumps

• renovate: update dependency nokogiri to '~> 1.16.0' by @​strehle in https://github.com/cloudfoundry/uaa/pull/2666
• build(deps): bump versions.braveVersion from 5.17.0 to 5.17.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2665
• build(deps): bump versions.braveVersion from 5.17.1 to 5.18.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2668
• build(deps): bump versions.braveVersion from 5.18.1 to 6.0.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2670
• build(deps): bump versions.tomcatCargoVersion from 9.0.84 to 9.0.85 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2674
• update ruby version by @​strehle in https://github.com/cloudfoundry/uaa/pull/2667
• Setup latest stable go runtime for codeql and bump go to 1.21.6 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2677

Full Changelog: cloudfoundry/uaa@v76.29.0...v76.30.0

v76.29.0: 76.29.0

Compare Source

What's Changed

• fix: check for existing groups by @​strehle in https://github.com/cloudfoundry/uaa/pull/2653

Full Changelog: cloudfoundry/uaa@v76.28.0...v76.29.0

v76.29.0: 76.29.0

Compare Source

What's Changed

• fix: check for existing groups by @​strehle in https://github.com/cloudfoundry/uaa/pull/2653

Full Changelog: cloudfoundry/uaa@v76.28.0...v76.29.0

v76.28.0: 76.28.0

Compare Source

What's Changed

• Add allowedGroups to UserConfig in IdZ configuration by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2606
• Sonar fix for split by @​strehle in https://github.com/cloudfoundry/uaa/pull/2641
• Update documentation for adding SAP IAS as OIDC Provider by @​vlast3k in https://github.com/cloudfoundry/uaa/pull/2613

Dependency Bumps

• build(deps): bump versions.tomcatCargoVersion from 9.0.83 to 9.0.84 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2642
• build(deps): bump github/codeql-action from 2 to 3 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2644
• build(deps): bump k8s.io/client-go from 0.28.4 to 0.29.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2646
• build(deps): bump actions/upload-artifact from 3 to 4 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2648
• build(deps): bump versions.braveVersion from 5.16.0 to 5.17.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2649
• build(deps): bump versions.guavaVersion from 32.1.3-jre to 33.0.0-jre by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2650

New Contributors

• @​vlast3k made their first contribution in https://github.com/cloudfoundry/uaa/pull/2613

Full Changelog: cloudfoundry/uaa@v76.27.0...v76.28.0

v76.28.0: 76.28.0

Compare Source

What's Changed

• Add allowedGroups to UserConfig in IdZ configuration by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2606
• Sonar fix for split by @​strehle in https://github.com/cloudfoundry/uaa/pull/2641
• Update documentation for adding SAP IAS as OIDC Provider by @​vlast3k in https://github.com/cloudfoundry/uaa/pull/2613

Dependency Bumps

• build(deps): bump versions.tomcatCargoVersion from 9.0.83 to 9.0.84 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2642
• build(deps): bump github/codeql-action from 2 to 3 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2644
• build(deps): bump k8s.io/client-go from 0.28.4 to 0.29.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2646
• build(deps): bump actions/upload-artifact from 3 to 4 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2648
• build(deps): bump versions.braveVersion from 5.16.0 to 5.17.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2649
• build(deps): bump versions.guavaVersion from 32.1.3-jre to 33.0.0-jre by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2650

New Contributors

• @​vlast3k made their first contribution in https://github.com/cloudfoundry/uaa/pull/2613

Full Changelog: cloudfoundry/uaa@v76.27.0...v76.28.0

v76.27.0: 76.27.0

Compare Source

What's Changed

• build(deps): bump org.owasp.esapi:esapi from 2.5.2.0 to 2.5.3.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2619
• build(deps): bump org.apache.santuario:xmlsec from 4.0.0 to 4.0.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2621
• renovate: update dependency org.gradle:test-retry-gradle-plugin to v1.5.7 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2623
• Bump Gradle to 8.5 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2626
• build(deps): bump commons-io:commons-io from 2.15.0 to 2.15.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2627
• build(deps): bump actions/setup-java from 3 to 4 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2629
• build(deps): bump org.owasp.esapi:esapi from 2.5.3.0 to 2.5.3.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2631
• build(deps): bump com.icegreen:greenmail from 1.6.14 to 1.6.15 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2632
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.1 to 9.37.2 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2633
• Update account menu for keyboard accessibility by @​ystros in https://github.com/cloudfoundry/uaa/pull/2587
• Bump dependency org.gradle:test-retry-gradle-plugin to v1.5.8 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2634
• Check zone id by @​strehle in https://github.com/cloudfoundry/uaa/pull/2617
• Check zone id before jdbc access by @​strehle in https://github.com/cloudfoundry/uaa/pull/2616
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 6.7.0.202309050840-r to 6.8.0.202311291450-r by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2636
• build(deps): bump org.postgresql:postgresql from 42.7.0 to 42.7.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2639
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.2 to 9.37.3 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2640

Full Changelog: cloudfoundry/uaa@v76.26.0...v76.27.0

v76.27.0: 76.27.0

Compare Source

What's Changed

• build(deps): bump org.owasp.esapi:esapi from 2.5.2.0 to 2.5.3.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2619
• build(deps): bump org.apache.santuario:xmlsec from 4.0.0 to 4.0.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2621
• renovate: update dependency org.gradle:test-retry-gradle-plugin to v1.5.7 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2623
• Bump Gradle to 8.5 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2626
• build(deps): bump commons-io:commons-io from 2.15.0 to 2.15.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2627
• build(deps): bump actions/setup-java from 3 to 4 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2629
• build(deps): bump org.owasp.esapi:esapi from 2.5.3.0 to 2.5.3.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2631
• build(deps): bump com.icegreen:greenmail from 1.6.14 to 1.6.15 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2632
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.1 to 9.37.2 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2633
• Update account menu for keyboard accessibility by @​ystros in https://github.com/cloudfoundry/uaa/pull/2587
• Bump dependency org.gradle:test-retry-gradle-plugin to v1.5.8 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2634
• Check zone id by @​strehle in https://github.com/cloudfoundry/uaa/pull/2617
• Check zone id before jdbc access by @​strehle in https://github.com/cloudfoundry/uaa/pull/2616
• build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 6.7.0.202309050840-r to 6.8.0.202311291450-r by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2636
• build(deps): bump org.postgresql:postgresql from 42.7.0 to 42.7.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2639
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.2 to 9.37.3 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2640

Full Changelog: cloudfoundry/uaa@v76.26.0...v76.27.0

v76.26.0: 76.26.0

Compare Source

What's Changed

Remarks

Deprecation notice: UAA can currently function as a SAML identity provider (IdP). This functionality will be removed in a future release. This will facilitate ongoing efforts to upgrade the Spring Boot library that UAA uses. However, UAA's ability to be a service provider (SP) that integrates with an external SAML-based IdP will still be supported.

Fixes

• return invalid_client in oauth2 error code by @​strehle in https://github.com/cloudfoundry/uaa/pull/2596
• fix slack in readme by @​strehle in https://github.com/cloudfoundry/uaa/pull/2609
• fix sonar finding by @​strehle in https://github.com/cloudfoundry/uaa/pull/2592

New

• Add config to control whether to perform "OpenID Connect RP-Initiated Logout" when using an external OIDC provider by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2590
• Add label text to all form controls by @​ystros in https://github.com/cloudfoundry/uaa/pull/2588

Misc

• Add SAML IdP deprecation notice by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2607
• Update OIDC integration documentation by @​strehle in https://github.com/cloudfoundry/uaa/pull/2585
• refactor two SAML tests to use page objects by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2543
• Miscellaneous refactors by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2608
• refactor: move jakarta mail dependency to spring boot mail by @​strehle in https://github.com/cloudfoundry/uaa/pull/2611

Dependency Bumps

• build(deps): bump versions.springBootVersion from 2.7.17 to 2.7.18 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2614
• Bump mariadb from 2.7.10 to 2.7.11 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2594
• build(deps): bump github.com/onsi/gomega from 1.29.0 to 1.30.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2595
• build(deps): bump k8s.io/client-go from 0.28.3 to 0.28.4 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2603
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37 to 9.37.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2593
• build(deps): bump org.postgresql:postgresql from 42.6.0 to 42.7.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2612
• build(deps): bump versions.bouncyCastleVersion from 1.76 to 1.77 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2600
• build(deps): bump versions.tomcatCargoVersion from 9.0.82 to 9.0.83 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2601
• Bump jackson from 2.15.3 to 2.16.0 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2605

New Contributors

• @​ystros made their first contribution in https://github.com/cloudfoundry/uaa/pull/2588

Full Changelog: cloudfoundry/uaa@v76.25.0...v76.26.0

v76.26.0: 76.26.0

Compare Source

What's Changed

Remarks

Deprecation notice: UAA can currently function as a SAML identity provider (IdP). This functionality will be removed in a future release. This will facilitate ongoing efforts to upgrade the Spring Boot library that UAA uses. However, UAA's ability to be a service provider (SP) that integrates with an external SAML-based IdP will still be supported.

Fixes

• return invalid_client in oauth2 error code by @​strehle in https://github.com/cloudfoundry/uaa/pull/2596
• fix slack in readme by @​strehle in https://github.com/cloudfoundry/uaa/pull/2609
• fix sonar finding by @​strehle in https://github.com/cloudfoundry/uaa/pull/2592

New

• Add config to control whether to perform "OpenID Connect RP-Initiated Logout" when using an external OIDC provider by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2590
• Add label text to all form controls by @​ystros in https://github.com/cloudfoundry/uaa/pull/2588

Misc

• Add SAML IdP deprecation notice by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2607
• Update OIDC integration documentation by @​strehle in https://github.com/cloudfoundry/uaa/pull/2585
• refactor two SAML tests to use page objects by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2543
• Miscellaneous refactors by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2608
• refactor: move jakarta mail dependency to spring boot mail by @​strehle in https://github.com/cloudfoundry/uaa/pull/2611

Dependency Bumps

• build(deps): bump versions.springBootVersion from 2.7.17 to 2.7.18 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2614
• Bump mariadb from 2.7.10 to 2.7.11 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2594
• build(deps): bump github.com/onsi/gomega from 1.29.0 to 1.30.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2595
• build(deps): bump k8s.io/client-go from 0.28.3 to 0.28.4 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2603
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37 to 9.37.1 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2593
• build(deps): bump org.postgresql:postgresql from 42.6.0 to 42.7.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2612
• build(deps): bump versions.bouncyCastleVersion from 1.76 to 1.77 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2600
• build(deps): bump versions.tomcatCargoVersion from 9.0.82 to 9.0.83 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2601
• Bump jackson from 2.15.3 to 2.16.0 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2605

New Contributors

• @​ystros made their first contribution in https://github.com/cloudfoundry/uaa/pull/2588

Full Changelog: cloudfoundry/uaa@v76.25.0...v76.26.0

v76.25.0: 76.25.0

Compare Source

What's Changed

• build(deps): bump commons-io:commons-io from 2.14.0 to 2.15.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2579
• build(deps): bump github.com/onsi/gomega from 1.28.1 to 1.29.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2578
• build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2582
• update dependency middleman to v4.5.1 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2580

Full Changelog: cloudfoundry/uaa@v76.24.0...v76.25.0

v76.25.0: 76.25.0

Compare Source

What's Changed

• build(deps): bump commons-io:commons-io from 2.14.0 to 2.15.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2579
• build(deps): bump github.com/onsi/gomega from 1.28.1 to 1.29.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2578
• build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2582
• update dependency middleman to v4.5.1 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2580

Full Changelog: cloudfoundry/uaa@v76.24.0...v76.25.0

v76.24.0: 76.24.0

Compare Source

What's Changed

Remarks

• The versions 76.22.0 and 76.23.0 contain a regression regarding the empty secret change. If you need to have an empty secret in your clients and you create them later via REST calls, use this version.
• This version was created with Java 17

Regression Fix

• validate secrets only with text by @​strehle in https://github.com/cloudfoundry/uaa/pull/2574

Feature

• feature: add client_auth_method=none into tokens for clients with empty secret by @​strehle in https://github.com/cloudfoundry/uaa/pull/2504

Misc

• fix: java version requirement in README by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2563
• fix flaky test by @​strehle in https://github.com/cloudfoundry/uaa/pull/2565
• fix: unnecessary method call by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2549
• sonar fix by @​strehle in https://github.com/cloudfoundry/uaa/pull/2526
• documentation: update system admin guide by @​strehle in https://github.com/cloudfoundry/uaa/pull/2520
• doc: announcement for private_key_jwt by @​strehle in https://github.com/cloudfoundry/uaa/pull/2551

Dependency Bumps

• Bump: Java version to 17 by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2562
• build(deps): bump github.com/onsi/gomega from 1.28.0 to 1.28.1 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2568
• build(deps): bump org.apache.directory.server:apacheds-protocol-ldap from 2.0.0.AM26 to 2.0.0.AM27 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2567

Full Changelog: cloudfoundry/uaa@v76.23.0...v76.24.0

v76.24.0: 76.24.0

Compare Source

What's Changed

Remarks

• The versions 76.22.0 and 76.23.0 contain a regression regarding the empty secret change. If you need to have an empty secret in your clients and you create them later via REST calls, use this version.
• This version was created with Java 17

Regression Fix

• validate secrets only with text by @​strehle in https://github.com/cloudfoundry/uaa/pull/2574

Feature

• feature: add client_auth_method=none into tokens for clients with empty secret by @​strehle in https://github.com/cloudfoundry/uaa/pull/2504

Misc

• fix: java version requirement in README by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2563
• fix flaky test by @​strehle in https://github.com/cloudfoundry/uaa/pull/2565
• fix: unnecessary method call by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2549
• sonar fix by @​strehle in https://github.com/cloudfoundry/uaa/pull/2526
• documentation: update system admin guide by @​strehle in https://github.com/cloudfoundry/uaa/pull/2520
• doc: announcement for private_key_jwt by @​strehle in https://github.com/cloudfoundry/uaa/pull/2551

Dependency Bumps

• Bump: Java version to 17 by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2562
• build(deps): bump github.com/onsi/gomega from 1.28.0 to 1.28.1 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2568
• build(deps): bump org.apache.directory.server:apacheds-protocol-ldap from 2.0.0.AM26 to 2.0.0.AM27 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2567

Full Changelog: cloudfoundry/uaa@v76.23.0...v76.24.0

v76.23.0: 76.23.0

Compare Source

What's Changed

Experimental Feature

Client Authentication with JWT assertions, Howto

Features

• feature: add runtime support for private_key_jwt client authentication by @​strehle in https://github.com/cloudfoundry/uaa/pull/2507
• feature: add change size to pull request by @​bruce-ricard in https://github.com/cloudfoundry/uaa/pull/2546
• feature: enhance well-known and document private_key_jwt parameters in rest API by @​strehle in https://github.com/cloudfoundry/uaa/pull/2509

Fixes

• fix sonar findings by @​strehle in https://github.com/cloudfoundry/uaa/pull/2528
• fix sonar finding: duplicate string literals by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2531
• fix sonar issue: Utility classes should not have public constructors by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2533
• fix sonar findings by @​strehle in https://github.com/cloudfoundry/uaa/pull/2527
• Bump org.json:json from 2023061 to 2023101 , fixes CVE-2023-5072 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2544

Misc

• Make it easier to find test failures in CI output by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2511
• test: Add Client Authentication Integration Tests by @​strehle in https://github.com/cloudfoundry/uaa/pull/2508

Dependency Bumps

• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.35 to 9.36 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2529
• build(deps): bump versions.guavaVersion from 32.1.2-jre to 32.1.3-jre by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2534
• build(deps): bump org.apache.directory.api:api-ldap-model from 2.1.4 to 2.1.5 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2536
• build(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2538
• build(deps): bump versions.tomcatCargoVersion from 9.0.80 to 9.0.82 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2540
• Bump jackson version 2.15.2 to 2.15.3, https://github.com/cloudfoundry/uaa/pull/2541
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.36 to 9.37 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2548
• build(deps): bump k8s.io/client-go from 0.28.2 to 0.28.3 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2555
• build(deps): bump versions.springBootVersion from 2.7.16 to 2.7.17 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2553
• build(deps): bump org.apache.santuario:xmlsec from 3.0.2 to 4.0.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2554

Full Changelog: cloudfoundry/uaa@v76.22.0...v76.23.0

v76.23.0: 76.23.0

Compare Source

What's Changed

Experimental Feature

Client Authentication with JWT assertions, Howto

Features

• feature: add runtime support for private_key_jwt client authentication by @​strehle in https://github.com/cloudfoundry/uaa/pull/2507
• feature: add change size to pull request by @​bruce-ricard in https://github.com/cloudfoundry/uaa/pull/2546
• feature: enhance well-known and document private_key_jwt parameters in rest API by @​strehle in https://github.com/cloudfoundry/uaa/pull/2509

Fixes

• fix sonar findings by @​strehle in https://github.com/cloudfoundry/uaa/pull/2528
• fix sonar finding: duplicate string literals by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2531
• fix sonar issue: Utility classes should not have public constructors by @​klaus-sap in https://github.com/cloudfoundry/uaa/pull/2533
• fix sonar findings by @​strehle in https://github.com/cloudfoundry/uaa/pull/2527
• Bump org.json:json from 2023061 to 2023101 , fixes CVE-2023-5072 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2544

Misc

• Make it easier to find test failures in CI output by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2511
• test: Add Client Authentication Integration Tests by @​strehle in https://github.com/cloudfoundry/uaa/pull/2508

Dependency Bumps

• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.35 to 9.36 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2529
• build(deps): bump versions.guavaVersion from 32.1.2-jre to 32.1.3-jre by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2534
• build(deps): bump org.apache.directory.api:api-ldap-model from 2.1.4 to 2.1.5 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2536
• build(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2538
• build(deps): bump versions.tomcatCargoVersion from 9.0.80 to 9.0.82 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2540
• Bump jackson version 2.15.2 to 2.15.3, https://github.com/cloudfoundry/uaa/pull/2541
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.36 to 9.37 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2548
• build(deps): bump k8s.io/client-go from 0.28.2 to 0.28.3 in /k8s by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2555
• build(deps): bump versions.springBootVersion from 2.7.16 to 2.7.17 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2553
• build(deps): bump org.apache.santuario:xmlsec from 3.0.2 to 4.0.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2554

Full Changelog: cloudfoundry/uaa@v76.22.0...v76.23.0

v76.22.0: 76.22.0

Compare Source

What's Changed

Features

• feature: allow setting SameSite on X-Uaa-Csrf cookie by @​mikeroda in https://github.com/cloudfoundry/uaa/pull/2439
• feature: add persistence support for private_key_jwt client authentication by @​strehle in https://github.com/cloudfoundry/uaa/pull/2449

Fixes

• fix: Flaky test by @​strehle in https://github.com/cloudfoundry/uaa/pull/2491
• fix: do not default a missing secret to an empty one by @​strehle in https://github.com/cloudfoundry/uaa/pull/2455
• fix: missing shebang by @​bruce-ricard in https://github.com/cloudfoundry/uaa/pull/2497
• fix: ClientAdminEndpointsValidator should allow authorization_code with empty secret by @​strehle in https://github.com/cloudfoundry/uaa/pull/2461
• fix: json syntax error by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2521

Misc

• Page object refactoring for two additional tests by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2490
• Passcode test refactor by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2501
• test clean-up: switch back to using standard simplesamlPHP server URL by @​peterhaochen47 in https://github.com/cloudfoundry/uaa/pull/2516
• delete unused pom.xml by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2519
• refactor: use page objects for favicon test by @​swalchemist in https://github.com/cloudfoundry/uaa/pull/2498

Dependency Bumps

• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.32 to 9.34 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2489
• build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.34 to 9.35 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2492
• update module github.com/onsi/ginkgo/v2 to v2.12.1 by @​strehle in https://github.com/cloudfoundry/uaa/pull/2494
• build(deps): bump versions.springBootVersion from 2.7.15 to 2.7.16 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2495
• build(deps): bump org.passay:passay from 1.6.3 to 1.6.4 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2499
• build(deps): bump versions.seleniumVersion from 4.12.1 to 4.13.0 by @​dependabot in https://github.com/cloudfoundry/uaa/pull/2502
• build(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0 in /k8s by @​dependabot in [https://github.com/build(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0 in /k8s uaa#2510](https://redirect.github.com/cloudfoundry/uaa/pu

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.