Bump org.springframework.security:spring-security-bom from 7.0.3 to 7.0.6

[dependabot]

Bumps org.springframework.security:spring-security-bom from 7.0.3 to 7.0.6.

Release notes

Sourced from org.springframework.security:spring-security-bom's releases.

7.0.6

🪲 Bug Fixes

• FormPostRedirectStrategy should not emit percent-encoded values into hidden form inputs #19137
• AbstractAuthenticationFilterConfigurer should not automatically pick up servlet path #19128
• Principal Extractor should select the left-most RDN attribute value #19254

🔨 Dependency Upgrades

• Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19184
• Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 #19266
• Bump com.webauthn4j:webauthn4j-core from 0.31.3.RELEASE to 0.31.5.RELEASE #19151
• Bump com.webauthn4j:webauthn4j-core from 0.31.5.RELEASE to 0.31.6.RELEASE #19265
• Bump gradle-wrapper from 8.14.4 to 8.14.5 #19160
• Bump io-micrometer from 1.16.5 to 1.16.6 #19292
• Bump io.mockk:mockk from 1.14.9 to 1.14.11 #19247
• Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #19298
• Bump org-bouncycastle from 1.80 to 1.80.2 #19193
• Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19192
• Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19174
• Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #19294
• Bump org.springframework.ldap:spring-ldap-core from 4.0.3 to 4.0.4 #19289
• Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #19288
• Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19182
• Update to Micrometer 1.16.5 #19225

🔩 Build Updates

• Release 7.0.6 #19239

7.0.5

⭐ New Features

• Add XML Based shouldWriteHeadersEagerly tests #19018
• Merge Add CredentialRecordOwnerAuthorizationManager #19005

🪲 Bug Fixes

• Add equals and hashcode to HttpMethodRequestMatcher #18963
• auth_time claim doesn't show the time of the original authentication #18282
• auth_time validation fails when SSO session is renewed #18978
• Fallback defaultTargetUrl if refererHeader is empty #18981
• Fix HttpSessionRequestCache#getMatchingRequest query string parsing #18972
• Merge Handle null value in OnCommittedResponseWrapper header methods #18990
• OAuth2 client sessionManagement ineffective with DefaultOidcUser #19022

🔨 Dependency Upgrades

• Bump @springio/antora-extensions from 1.14.10 to 1.14.11 in /docs #19054
• Bump @springio/antora-extensions from 1.14.7 to 1.14.9 in /docs #18953

... (truncated)

Commits

• acd131c Release 7.0.6
• 62c4d60 Merge branch '6.5.x' into 7.0.x
• d884913 Sync branch '7.0.x'
• fd5dae5 Sync branch '6.5.x'
• d29c761 Merge branch '6.5.x' into 7.0.x
• 700a453 Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34
• 3a394c6 Update micrometer-bom to 1.15.12
• 79f9bec Update to reactor-bom 2024.0.18
• 5b01936 Bump org.hibernate.orm:hibernate-core from 6.6.51.Final to 6.6.53.Final
• 038da02 Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)