Skip to content

Releases: apache/shiro

Apache Shiro 2.0.2

07 Nov 01:27
Compare
Choose a tag to compare

Enhancements

Bug fixes

Maintenance Tasks

  • chore: re-enabled API compatibility check plugin by @lprimak in #1652
  • enh(checkstyle): disable method name validation for test classes by @lprimak in #1650

Dependency updates

  • update quartz to 2.4.0-rc2, fix CVE-2023-39017 by @minchai23 in #1498
  • chore(deps): bump org.quartz-scheduler:quartz from 2.4.0-rc2 to 2.5.0-rc1 by @dependabot in #1503
  • chore(deps-dev): bump org.assertj:assertj-core from 3.25.3 to 3.26.0 by @dependabot in #1505
  • chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.6.14 by @dependabot in #1506
  • chore(deps): bump com.puppycrawl.tools:checkstyle from 10.16.0 to 10.17.0 by @dependabot in #1504
  • chore(deps): bump org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.14 to 1.7.0 by @dependabot in #1508
  • chore(deps): bump bytebuddy.version from 1.14.16 to 1.14.17 by @dependabot in #1509
  • chore(deps-dev): bump org.hsqldb:hsqldb from 2.7.2 to 2.7.3 by @dependabot in #1511
  • chore(deps): bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #1515
  • chore(deps): bump com.flowlogix:flowlogix-jee from 5.5.3 to 5.5.4 by @dependabot in #1518
  • chore(deps): bump org.apache.maven.plugins:maven-jxr-plugin from 3.3.2 to 3.4.0 by @dependabot in #1519
  • chore(deps): bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #1520
  • chore(deps): bump org.apache.maven.plugins:maven-help-plugin from 3.4.0 to 3.4.1 by @dependabot in #1522
  • chore(deps): bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by @dependabot in #1523
  • chore(deps): bump org.htmlunit:htmlunit from 4.1.0 to 4.2.0 by @dependabot in #1524
  • chore(deps-dev): bump org.easymock:easymock from 5.2.0 to 5.3.0 by @dependabot in #1527
  • chore(deps): bump org.apache.commons:commons-configuration2 from 2.10.1 to 2.11.0 by @dependabot in #1528
  • chore(deps): bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in #1533
  • chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 by @dependabot in #1534
  • chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #1535
  • chore(deps): bump spring.version from 5.3.36 to 5.3.37 by @dependabot in #1539
  • chore(deps): bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #1536
  • deps: updated javassist to latest by @lprimak in #1545
  • chore(deps-dev): bump tomcat.version from 10.1.24 to 10.1.25 by @dependabot in #1546
  • chore(deps): bump org.apache.maven.plugins:maven-scm-publish-plugin from 3.2.1 to 3.3.0 by @dependabot in #1553
  • chore(deps): bump junit.version from 5.10.2 to 5.10.3 by @dependabot in #1555
  • chore(deps): bump org.htmlunit:htmlunit from 4.2.0 to 4.3.0 by @dependabot in #1556
  • chore(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #1557
  • chore(deps): bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by @dependabot in #1558
  • chore(deps): bump org.owasp:dependency-check-maven from 9.2.0 to 10.0.0 by @dependabot in #1564
  • chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to 2.17.0 by @dependabot in #1562
  • chore(deps): bump groovy.version from 4.0.21 to 4.0.22 by @dependabot in #1563
  • chore(deps): bump org.owasp:dependency-check-maven from 10.0.0 to 10.0.1 by @dependabot in #1565
  • chore(deps): bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 by @dependabot in #1567
  • chore(deps): bump org.codehaus.mojo:taglist-maven-plugin from 3.0.0 to 3.1.0 by @dependabot in #1568
  • chore(deps-dev): bump commons-logging:commons-logging from 1.3.2 to 1.3.3 by @dependabot in #1569
  • chore(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #1573
  • chore(deps): bump org.owasp:dependency-check-maven from 10.0.1 to 10.0.2 by @dependabot in #1575
  • chore(deps-dev): bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @dependabot in #1580
  • chore(deps): bump bytebuddy.version from 1.14.17 to 1.14.18 by @dependabot in #1579
  • chore(deps): bump org.jsoup:jsoup from 1.17.2 to 1.18.1 by @dependabot in #1586
  • chore(deps): bump org.apache:apache from 32 to 33 by @dependabot in #1587
  • chore(deps-dev): bump org.jboss.arquillian.junit5:arquillian-junit5-container from 1.8.0.Final to 1.9.0.Final by @dependabot in #1578
  • chore(deps-dev): bump tomcat.version from 10.1.25 to 10.1.26 by @dependabot in #1594
  • chore(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #1595
  • chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.17.0 to 2.17.1 by @dependabot in #1600
  • chore(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.23.0 to 3.24.0 by @dependabot in #1601
  • chore(deps): bump org.owasp:dependency-check-maven from 10.0.2 to 10.0.3 by @dependabot in #1604
  • chore(deps): bump com.hazelcast:hazelcast from 5.3.7 to 5.3.8 by @dependabot in #1605
  • chore(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.3 to 3.6.4 by @dependabot in #1606
  • chore(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.3 to 3.6.4 by @dependabot in #1607
  • chore(deps): bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @dependabot in #1608
  • chore(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #1611
  • chore(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.2 to 0.22.0 by @dependabot in #1612
  • chore(deps-dev): bump arquillian.core.version from 1.9.0.Final to 1.9.1.Final by @dependabot in #1615
  • chore(deps): bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in #1616
  • chore(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #1619
  • chore(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #1618
  • chore(deps): bump org.htmlunit:htmlunit from 4.3.0 to 4.4.0 by @dependabot in #1620
  • chore(deps-dev): bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @dependabot in #1624
  • chore(deps-dev): bump org.easymock:easymock from 5.3.0 to 5.4.0 by @dependabot in #1625
  • chore(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #1626
  • chore(deps): bump org.owasp.encoder:encoder from 1.2.3 to 1.3.0 by @dependabot in #1628
  • chore(deps): bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #1632
  • chore(deps-dev): bump tomcat.version from 10.1.26 to 10.1.28 by @dependabot in #1634
  • chore(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #1636
  • chore(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #1637
  • chore(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.3.0 to 3.4.0 by @dependabot in #1643
  • chore(deps): bump slf4j.version from 2.0.13 to 2.0.14 by @dependabot in #1642
  • chore(deps): bump org.apache.commons:commons-lang3 from 3.15.0 to...
Read more

Apache Shiro 2.0.1

31 May 03:30
Compare
Choose a tag to compare

What's new Highlights

  • Added a supported way to decorate Shiro SecurityManager
  • Better compatibility with OSGi for Jakarta EE jakarta namespace
  • Fixed exception handling bugs in Jax-Rs integration module
  • Fixed a bug in Jakarta Faces integration
  • Better compatibility when building with Maven 4.x

Bug fixes

Enhancements

Documentation enhancements

Dependency updates

  • build(deps): bump log4j.version from 2.22.1 to 2.23.0 by @dependabot in #1321
  • build(deps): bump org.codehaus.mojo:exec-maven-plugin from 3.1.1 to 3.2.0 by @dependabot in #1325
  • build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10 to 3.10.1 by @dependabot in #1330
  • build(deps): bump actions/setup-java from 4.0.0 to 4.1.0 by @dependabot in #1331
  • build(deps): bump com.puppycrawl.tools:checkstyle from 10.13.0 to 10.14.0 by @dependabot in #1332
  • build(deps): bump mockito.version from 5.10.0 to 5.11.0 by @dependabot in #1334
  • build(deps): bump groovy.version from 4.0.18 to 4.0.19 by @dependabot in #1335
  • build(deps): bump actions/cache from 4.0.0 to 4.0.1 by @dependabot in #1336
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.5 to 0.19.1 by @dependabot in #1341
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.19.1 to 0.20.0 by @dependabot in #1342
  • build(deps): bump log4j.version from 2.23.0 to 2.23.1 by @dependabot in #1349
  • build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.0 to 10.14.1 by @dependabot in #1350
  • build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #1354
  • build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10.1 to 3.10.2 by @dependabot in #1355
  • build(deps): bump actions/setup-java from 4.1.0 to 4.2.0 by @dependabot in #1358
  • build(deps-dev): bump org.apache.cxf:cxf-rt-frontend-jaxrs from 3.6.2 to 3.6.3 by @dependabot in #1361
  • build(deps): bump org.apache.cxf:cxf-rt-rs-client from 3.6.2 to 3.6.3 by @dependabot in #1359
  • build(deps): bump org.apache.commons:commons-configuration2 from 2.9.0 to 2.10.0 by @dependabot in #1360
  • build(deps): bump spring.version from 5.3.32 to 5.3.33 by @dependabot in #1363
  • build(deps): bump groovy.version from 4.0.19 to 4.0.20 by @dependabot in #1364
  • build(deps): bump actions/setup-java from 4.2.0 to 4.2.1 by @dependabot in #1365
  • build(deps): bump org.owasp:dependency-check-maven from 9.0.9 to 9.0.10 by @dependabot in #1368
  • build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.1 to 10.14.2 by @dependabot in #1370
  • build(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #1372
  • build(deps): bump org.projectlombok:lombok from 1.18.30 to 1.18.32 by @dependabot in #1375
  • build(deps): bump org.apache.commons:commons-configuration2 from 2.10.0 to 2.10.1 by @dependabot in #1379
  • build(deps-dev): bump commons-logging:commons-logging from 1.3.0 to 1.3.1 by @dependabot in #1386
  • build(deps-dev): bump tomcat.version from 10.1.19 to 10.1.20 by @dependabot in #1388
  • build(deps): bump bytebuddy.version from 1.14.12 to 1.14.13 by @dependabot in #1390
  • build(deps): bump com.puppycrawl.tools:checkstyle from 10.14.2 to 10.15.0 by @dependabot in #1394
  • build(deps): bump org.owasp:dependency-check-maven from 9.0.10 to 9.1.0 by @dependabot in #1395
  • build(deps): bump org.htmlunit:htmlunit from 3.11.0 to 4.0.0 by @dependabot in #1397
  • build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12 by @dependabot in #1398
  • build(deps): bump com.hazelcast:hazelcast from 5.3.6 to 5.3.7 by @dependabot in #1399
  • build(deps): bump groovy.version from 4.0.20 to 4.0.21 by @dependabot in #1404
  • build(deps): bump spring.version from 5.3.33 to 5.3.34 by @dependabot in #1405
  • build(deps): bump org.apache.karaf.features:framework from 4.4.5 to 4.4.6 by @dependabot in #1409
  • build(deps): bump slf4j.version from 2.0.12 to 2.0.13 by @dependabot in #1408
  • build(deps): bump org.omnifaces:omnifaces from 3.14.4 to 3.14.5 by @dependabot in #1411
  • build(deps): bump org.apache:apache from 31 to 32 by @dependabot in #1416
  • build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #1418
  • build(deps): bump commons-cli:commons-cli from 1.6.0 to 1.7.0 by @dependabot in #1420
  • build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #1427
  • build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #1430
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.20.0 to 0.21.0 by @dependabot in #1433
  • build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #1434
  • build(deps): bump bytebuddy.version from 1.14.13 to 1.14.14 by @dependabot in #1439
  • build(deps-dev): bump tomcat.version from 10.1.20 to 10.1.23 by @dependabot in #1438
  • deps: upgrade to Arquillian Graphene 3 by @lprimak in #1440
  • build(deps): bump org.apache.maven.plugins:maven-pmd-plugin from 3.21.2 to 3.22.0 by @dependabot in #1441
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.0 to 0.21.1 by @dependabot in #1442
  • build(deps): bump com.puppycrawl.tools:checkstyle from 10.15.0 to 10.16.0 by @dependabot in #1447
  • build(deps): bump org.htmlunit:htmlunit from 4.0.0 to 4.1.0 by @dependabot in #1448
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.21.1 to 0.21.2 by @dependabot in #1456
  • Dependencies: BouncyCastle 1.78.1 and Payara updates by @lprimak in #1459
  • build(deps-dev): bump org.bouncycastle:bcprov-jdk18on from 1.77 to 1.78.1 by @dependabot in #1419
  • build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #1461
  • build(deps): bump com.mycila:license-maven-plugin from 4.3 to 4.4 by @dependabot in #1462
  • build(deps): bump bytebuddy.version from 1.14.14 to 1.14.15 by @dependabot in #1464
  • build(deps): bump io.openliberty.tools:liberty-maven-plugin from 3.10.2 to 3.10.3 by @dependabot in #1465
  • build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #1466
  • build(deps): bump mockito.version from 5.11.0 to 5.12.0 by @dependabot in #1468
  • build(deps): bump com.mycila:license-maven-plugin from 4.4 to 4.5 by @dependabot in https://github.com/apache/shiro/pull...
Read more

Apache Shiro 2.0.0

28 Feb 16:59
Compare
Choose a tag to compare

What's new Highlights

  • Java 11 is the minimum supported JVM version
  • Stronger default password hashing algorithms (Argon2 and BCrypt)
  • Jakarta EE 10 support (Java/Jakarta EE 8 is also supported)
  • New Jakarta EE integration module (see Jakarta EE Integration for more information)
  • SpringBoot 3.x support (SpringBoot 2.x is also supported)
  • Automatic form resubmission when session expired (Jakarta EE only)

What's Changed

Read more

2.0.0-alpha-4

07 Nov 22:51
7b1d4fb
Compare
Choose a tag to compare
2.0.0-alpha-4 Pre-release
Pre-release

What's Changed

New Contributors

Full Changelog: shiro-root-2.0.0-alpha-3...shiro-root-2.0.0-alpha-4

Apache Shiro 1.13.0

31 Oct 09:11
Compare
Choose a tag to compare

What's Changed

  • build(deps): bump spring.version from 5.3.28 to 5.3.29 by @dependabot in #1008
  • build(deps): bump spring-boot.version from 2.7.13 to 2.7.14 by @dependabot in #1017
  • build(deps): bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre by @dependabot in #1024
  • build(deps): bump org.owasp:dependency-check-maven from 8.3.1 to 8.4.0 by @dependabot in #1038
  • build(deps-dev): bump org.mockito:mockito-core from 5.4.0 to 5.5.0 by @dependabot in #1041
  • build(deps-dev): bump org.codehaus.groovy:groovy from 2.5.22 to 2.5.23 by @dependabot in #1040
  • build(deps): bump spring-boot.version from 2.7.14 to 2.7.15 by @dependabot in #1047
  • build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #1045
  • build(deps): bump jetty.version from 9.4.51.v20230217 to 9.4.52.v20230823 by @dependabot in #1051
  • build(deps-dev): bump org.easymock:easymock from 5.1.0 to 5.2.0 by @dependabot in #1055
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.17.3 by @dependabot in #1063
  • build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #1064
  • build(deps): bump spring.version from 5.3.29 to 5.3.30 by @dependabot in #1072
  • build(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.0 to 2.16.1 by @dependabot in #1075
  • build(deps): bump spring-boot.version from 2.7.15 to 2.7.16 by @dependabot in #1080
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.3 to 0.18.0 by @dependabot in #1084
  • build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #1087
  • build(deps): bump com.mycila:license-maven-plugin from 4.2 to 4.3 by @dependabot in #1090
  • build(deps): bump org.codehaus.gmavenplus:gmavenplus-plugin from 3.0.0 to 3.0.2 by @dependabot in #1093
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.0 to 0.18.1 by @dependabot in #1094
  • build(deps-dev): bump org.mockito:mockito-core from 5.5.0 to 5.6.0 by @dependabot in #1106
  • build(deps): bump jetty.version from 9.4.52.v20230823 to 9.4.53.v20231009 by @dependabot in #1110
  • build(deps): bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre by @dependabot in #1112
  • build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by @dependabot in #1113
  • build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in #1116
  • build(deps): bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 by @dependabot in #1119
  • Disable dependency convergence report by @bdemers in #933
  • build(deps): bump spring-boot.version from 2.7.16 to 2.7.17 by @dependabot in #1122
  • build(deps): bump jersey.version from 2.40 to 2.41 by @dependabot in #1130
  • Fix naming of WebContainer Tests/IT by @bdemers in #1123
  • Remove dashboard-maven-plugin from build by @bdemers in #1124
  • build(deps): bump org.owasp:dependency-check-maven from 8.4.0 to 8.4.2 by @dependabot in #1134
  • [#1138] Upgrade to Common-cli 1.6.0 by @fpapon in #1139
  • Skipping tests while running release by @bdemers in #1137
  • [#1140] Upgrade to Common-codec 1.16.0 by @fpapon in #1141
  • [#1143] Upgrade to ASF pom parent 30 by @fpapon in #1144
  • build(deps): bump com.ibm.icu:icu4j from 73.2 to 74.1 by @dependabot in #1148

Full Changelog: shiro-root-1.12.0...shiro-root-1.13.0

shiro-root-1.12.0

28 Oct 08:32
Compare
Choose a tag to compare

What's Changed

Read more

shiro-root-1.11.0

28 Oct 08:31
shiro-root-1.11.0
adb56c8
Compare
Choose a tag to compare

What's Changed

Full Changelog: shiro-root-1.10.1...shiro-root-1.11.0

shiro-root-1.10.1

28 Oct 08:32
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: shiro-root-1.10.0...shiro-root-1.10.1

shiro-root-1.10.0

28 Oct 08:33
shiro-root-1.10.0
7141f41
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: shiro-root-1.9.1...shiro-root-1.10.0

shiro-root-1.9.1

28 Oct 08:33
shiro-root-1.9.1
2b53211
Compare
Choose a tag to compare

What's Changed

Full Changelog: shiro-root-1.9.0...shiro-root-1.9.1