7.21.0-rc.325
- AAE-46367 Prevent leaking collection element variable into multi-instance call activity result collection with variable mapping extensions by @igdianov in https://github.com/Activiti/Activiti/pull/5429
Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.324...7.21.0-rc.325
4.1.0
- Bump ch.qos.logback:logback-core from 1.5.32 to 1.5.33 #3792
- Bump ch.qos.logback:logback-core from 1.5.33 to 1.5.34 #3799
- Bump com.github.ben-manes:gradle-versions-plugin from 0.53.0 to 0.54.0 #3745
- Bump com.google.code.gson:gson from 2.13.2 to 2.14.0 #3756
- Bump com.ibm.db2:jcc from 12.1.3.0 to 12.1.4.0 #3696
- Bump com.mysql:mysql-connector-j from 9.6.0 to 9.7.0 #3754
- Bump com.oracle.database.jdbc:ojdbc8 from 23.26.1.0.0 to 23.26.2.0.0 #3789
- Bump commons-logging:commons-logging from 1.3.5 to 1.3.6 #3695
- Bump io.projectreactor:reactor-bom from 2025.0.3 to 2025.0.5 #3743
- Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #3803
- Bump io.projectreactor:reactor-core from 3.8.3 to 3.8.5 #3742
- Bump io.projectreactor:reactor-core from 3.8.5 to 3.8.6 #3805
- Bump io.spring.gradle:spring-security-release-plugin from 1.0.14 to 1.0.15 #3709
- Bump io.spring.nullability:io.spring.nullability.gradle.plugin from 0.0.11 to 0.0.13 #3740
- Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.35.6 to 4.35.9 #3791
- Bump org.mariadb.jdbc:mariadb-java-client from 3.5.7 to 3.5.8 #3734
- Bump org.mockito:mockito-bom from 5.21.0 to 5.23.0 #3702
- Bump org.postgresql:postgresql from 42.7.10 to 42.7.11 #3790
- Bump org.springframework.boot:spring-boot-gradle-plugin from 4.1.0-M1 to 4.1.0-SNAPSHOT #3760
- Bump org.springframework.data:spring-data-bom from 2025.1.3 to 2025.1.5 #3744
- Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #3813
- Bump org.springframework.security:spring-security-bom from 7.0.3 to 7.0.5 #3749
- Bump org.springframework.security:spring-security-bom from 7.0.5 to 7.1.0 #3816
- Bump org.springframework:spring-framework-bom from 7.0.4 to 7.0.7 #3746
- Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #3804
- Bump org.testcontainers:testcontainers-bom from 2.0.3 to 2.0.5 #3750
- Bump tools.jackson.core:jackson-databind from 3.0.4 to 3.1.3 #3780
- Bump tools.jackson.core:jackson-databind from 3.1.3 to 3.1.4 #3796
- Bump tools.jackson:jackson-bom from 3.0.4 to 3.1.3 #3772
- Bump tools.jackson:jackson-bom from 3.1.3 to 3.1.4 #3797
4.0.4
- Bump ch.qos.logback:logback-core from 1.5.26 to 1.5.32 #3785
- Bump ch.qos.logback:logback-core from 1.5.32 to 1.5.33 #3793
- Bump ch.qos.logback:logback-core from 1.5.33 to 1.5.34 #3800
- Bump com.ibm.db2:jcc from 12.1.3.0 to 12.1.4.0 #3779
- Bump com.oracle.database.jdbc:ojdbc8 from 23.26.0.0.0 to 23.26.2.0.0 #3775
- Bump commons-logging:commons-logging from 1.3.5 to 1.3.6 #3777
- Bump io.projectreactor:reactor-bom from 2025.0.2 to 2025.0.5 #3774
- Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #3809
- Bump io.projectreactor:reactor-core from 3.8.2 to 3.8.5 #3778
- Bump io.projectreactor:reactor-core from 3.8.5 to 3.8.6 #3807
- Bump io.spring.gradle:spring-security-release-plugin from 1.0.13 to 1.0.15 #3782
- Bump org.jfrog.buildinfo:build-info-extractor-gradle from 4.35.6 to 4.35.9 #3784
- Bump org.mariadb.jdbc:mariadb-java-client from 3.5.7 to 3.5.8 #3776
- Bump org.postgresql:postgresql from 42.7.9 to 42.7.11 #3783
- Bump org.springframework.boot:spring-boot-gradle-plugin from 4.0.2 to 4.0.6 #3781
- Bump org.springframework.data:spring-data-bom from 2025.1.2 to 2025.1.5 #3771
- Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #3812
- Bump org.springframework.security:spring-security-bom from 7.0.2 to 7.0.5 #3773
- Bump org.springframework.security:spring-security-bom from 7.0.5 to 7.0.6 #3810
- Bump org.springframework:spring-framework-bom from 7.0.2 to 7.0.7 #3768
- Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #3808
- Bump org.testcontainers:testcontainers-bom from 2.0.3 to 2.0.5 #3770
3.5.7
- Bump ch.qos.logback:logback-core from 1.5.32 to 1.5.34 #3815
- Bump com.fasterxml.jackson.core:jackson-databind from 2.18.6 to 2.18.7 #3759
- Bump com.fasterxml.jackson.core:jackson-databind from 2.18.7 to 2.18.8 #3811
- Bump com.ibm.db2:jcc from 12.1.3.0 to 12.1.4.0 #3697
- Bump io.projectreactor:reactor-bom from 2024.0.17 to 2024.0.18 #3819
- Bump org.postgresql:postgresql from 42.7.10 to 42.7.11 #3761
- Bump org.springframework.data:spring-data-bom from 2025.0.11 to 2025.0.12 #3814
- Bump org.springframework.security:spring-security-bom from 6.5.10 to 6.5.11 #3817
- Bump org.springframework:spring-framework-bom from 6.2.18 to 6.2.19 #3818
7.1.0
- Opaque token introspectors should not allow empty credentials #19201
- Bump
@springio/antora-extensions from 1.14.11 to 1.14.12 in /docs #19235 - Bump actions/checkout from 6.0.2 to 6.0.3 #19271
- Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19181
- Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.33 #19228
- Bump ch.qos.logback:logback-classic from 1.5.33 to 1.5.34 #19268
- Bump com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3 #19133
- Bump com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0 #19246
- Bump com.google.code.gson:gson from 2.13.2 to 2.14.0 #19125
- Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.1 #19157
- Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.2 #19195
- Bump com.webauthn4j:webauthn4j-core from 0.31.3.RELEASE to 0.31.5.RELEASE #19148
- Bump com.webauthn4j:webauthn4j-core from 0.31.5.RELEASE to 0.31.6.RELEASE #19263
- Bump gradle-wrapper from 9.4.1 to 9.5.0 #19135
- Bump gradle-wrapper from 9.5.0 to 9.5.1 #19171
- Bump io-micrometer from 1.16.5 to 1.17.0 #19287
- Bump io.mockk:mockk from 1.14.9 to 1.14.11 #19244
- Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #19296
- Bump org-jetbrains-kotlin from 2.3.20 to 2.3.21 #19126
- Bump org-jetbrains-kotlin from 2.3.21 to 2.4.0 #19264
- Bump org-opensaml5 from 5.2.1 to 5.2.2 #19176
- Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19190
- Bump org.apereo.cas.client:cas-client-core from 4.1.0 to 4.1.1 #19200
- Bump org.hibernate.orm:hibernate-core from 7.3.1.Final to 7.3.2.Final #19119
- Bump org.hibernate.orm:hibernate-core from 7.3.2.Final to 7.3.3.Final #19149
- Bump org.hibernate.orm:hibernate-core from 7.3.3.Final to 7.3.4.Final #19165
- Bump org.hibernate.orm:hibernate-core from 7.3.4.Final to 7.3.5.Final #19191
- Bump org.hibernate.orm:hibernate-core from 7.3.5.Final to 7.3.6.Final #19211
- Bump org.hibernate.orm:hibernate-core from 7.3.6.Final to 7.4.0.Final #19226
- Bump org.jetbrains.kotlinx:kotlinx-coroutines-bom from 1.10.2 to 1.11.0 #19166
- Bump org.junit:junit-bom from 6.0.3 to 6.1.0 #19197
- Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19169
- Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #19290
- Bump org.springframework.ldap:spring-ldap-core from 4.0.3 to 4.1.0 #19291
- Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #19285
- Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19179
- Bump tools.jackson:jackson-bom from 3.1.2 to 3.1.3 #19147
- Bump tools.jackson:jackson-bom from 3.1.3 to 3.1.4 #19245
- Bump tools.jackson:jackson-bom from 3.1.4 to 3.2.0 #19286
- Update to spring-data-bom 2026.0.0 #19303
- Release 7.1.0 #19218
7.0.6
FormPostRedirectStrategyshould not emit percent-encoded values into hidden form inputs #19137- AbstractAuthenticationFilterConfigurer should not automatically pick up servlet path #19128
- Principal Extractor should select the left-most RDN attribute value #19254
- Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19184
- Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 #19266
- Bump com.webauthn4j:webauthn4j-core from 0.31.3.RELEASE to 0.31.5.RELEASE #19151
- Bump com.webauthn4j:webauthn4j-core from 0.31.5.RELEASE to 0.31.6.RELEASE #19265
- Bump gradle-wrapper from 8.14.4 to 8.14.5 #19160
- Bump io-micrometer from 1.16.5 to 1.16.6 #19292
- Bump io.mockk:mockk from 1.14.9 to 1.14.11 #19247
- Bump io.projectreactor:reactor-bom from 2025.0.5 to 2025.0.6 #19298
- Bump org-bouncycastle from 1.80 to 1.80.2 #19193
- Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19192
- Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19174
- Bump org.springframework.data:spring-data-bom from 2025.1.5 to 2025.1.6 #19294
- Bump org.springframework.ldap:spring-ldap-core from 4.0.3 to 4.0.4 #19289
- Bump org.springframework:spring-framework-bom from 7.0.7 to 7.0.8 #19288
- Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19182
- Update to Micrometer 1.16.5 #19225
- Release 7.0.6 #19239
6.5.11
FormPostRedirectStrategyshould not emit percent-encoded values into hidden form inputs #19136
- Bump antora from 3.2.0-alpha.11 to 3.2.0-alpha.12 in /docs #19185
- Bump ch.qos.logback:logback-classic from 1.5.32 to 1.5.34 #19299
- Bump com.fasterxml.jackson:jackson-bom from 2.18.6 to 2.18.7 #19129
- Bump com.fasterxml.jackson:jackson-bom from 2.18.7 to 2.18.8 #19297
- Bump gradle-wrapper from 8.14.4 to 8.14.5 #19159
- Bump org-bouncycastle from 1.80 to 1.80.2 #19204
- Bump org.apache.maven:maven-resolver-provider from 3.9.15 to 3.9.16 #19205
- Bump org.hibernate.orm:hibernate-core from 6.6.49.Final to 6.6.50.Final #19150
- Bump org.hibernate.orm:hibernate-core from 6.6.50.Final to 6.6.51.Final #19213
- Bump org.hibernate.orm:hibernate-core from 6.6.51.Final to 6.6.53.Final #19300
- Bump org.slf4j:slf4j-api from 2.0.17 to 2.0.18 #19173
- Bump org.springframework:spring-framework-bom from 6.2.18 to 6.2.19 #19293
- Bump spring-io/spring-gradle-build-action from 2.0.5 to 2.0.6 #19124
- Bump spring-io/spring-release-actions from 0.0.4 to 0.0.5 #19183
- Update micrometer-bom to 1.15.12 #19302
- Update to Micrometer 1.15.11 #19224
- Update to reactor-bom 2024.0.18 #19301
- Release 6.5.11 #19118