• Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1916
• Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1943
• Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1922
• Bump io.spring.security.release from 1.0.3 to 1.0.4 #1966
• Bump io.spring.security.release from 1.0.4 to 1.0.5 #1988
• Bump org.springframework.security:spring-security-bom from 6.4.3 to 6.4.4 #1936
• Bump org.springframework.security:spring-security-bom from 6.4.4 to 6.4.5 #1989
• Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1933
• Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1939
• Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1980
• Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1947

• Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1919
• Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1945
• Bump io.spring.security.release from 1.0.3 to 1.0.4 #1967
• Bump io.spring.security.release from 1.0.4 to 1.0.5 #1985
• Bump org.springframework.security:spring-security-bom from 6.3.7 to 6.3.8 #1934
• Bump org.springframework.security:spring-security-bom from 6.3.8 to 6.3.9 #1986
• Bump org.springframework:spring-framework-bom from 6.1.17 to 6.1.18 #1932
• Bump org.springframework:spring-framework-bom from 6.1.18 to 6.1.19 #1978

• Add authorization server metadata for DPoP support #1951
• Add authorization server metadata for OAuth 2.0 Pushed Authorization Requests (PAR) #1975
• Enforce one-time use for request_uri used in PAR #1974
• request_uri used in PAR must be bound to the client #1971
• Use OAuth2ParameterNames.REQUEST_URI #1991
• Validate expiry for request_uri used in PAR #1973
• Verify DPoP Proof public key during refresh_token grant for public clients #1949

• Bump @springio/asciidoctor-extensions from 1.0.0-alpha.16 to 1.0.0-alpha.17 in /docs #1944
• Bump io.spring.security.release from 1.0.3 to 1.0.4 #1968
• Bump io.spring.security.release from 1.0.4 to 1.0.5 #1987
• Bump org.springframework.security:spring-security-bom from 6.5.0-M3 to 6.5.0-RC1 #1990
• Bump org.springframework:spring-framework-bom from 6.2.4 to 6.2.5 #1940
• Bump org.springframework:spring-framework-bom from 6.2.5 to 6.2.6 #1979
• Bump spring-io/spring-doc-actions from 0.0.18 to 0.0.19 #1942

• Add support for OAuth 2.0 Pushed Authorization Requests (PAR) #1925
• Polish JdbcOAuth2AuthorizationService #1908
• Support POST for authorization code request flow #1874
• Use pattern matching #1907

• The default/demo-authorizationserver samples have a redirect loop #1920

• Bump @springio/antora-extensions from 1.14.2 to 1.14.4 in /docs #1917
• Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3 #1923
• Bump org.springframework.security:spring-security-bom from 6.5.0-M2 to 6.5.0-M3 #1935
• Bump org.springframework:spring-framework-bom from 6.2.3 to 6.2.4 #1931

Thank you to all the contributors who worked on this release:

@arefbehboudi, @dependabot[bot], and @sylvain-costanzo

• Fix device access token response error codes #1889

• Bump org.springframework:spring-framework-bom from 6.1.16 to 6.1.17 #1900
• Update samples to Spring Security 6.3.7 #1904
• Update samples to Spring Security 6.3.7-SNAPSHOT #1898
• Update to Spring Security 6.3.7 #1910

Thank you to all the contributors who worked on this release:

@dependabot[bot] and @nwholloway

• Support OAuth 2.0 Demonstrating Proof of Possession (DPoP) #1813

• Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 #1901
• Update to Spring Security 6.5.0-M2 #1905
• Update to Spring Security 6.5.0-SNAPSHOT #1897

Thank you to all the contributors who worked on this release:

@dependabot[bot]

• Add annotation @Override #1878
• Fix broken links in file README #1887
• Replace deprecated fromHttpUrl with fromUriString #1883

• Fix device access token response error codes #1903

• Bump org.springframework:spring-framework-bom from 6.2.1 to 6.2.2 #1881
• Bump org.springframework:spring-framework-bom from 6.2.2 to 6.2.3 #1912
• Update samples to Spring Security 6.3.7 #1906
• Update samples to Spring Security 6.3.7-SNAPSHOT #1899
• Update to Spring Security 6.4.3 #1911

Thank you to all the contributors who worked on this release:

@dependabot[bot], @loren-coding, and @ngocnhan-tran1996

• Use toLower/toUpperCase with Locale argument #1791

• Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.5 in /docs #1830
• Bump @antora/collector-extension from 1.0.0-beta.5 to 1.0.1 in /docs #1855
• Bump antora from 3.2.0-alpha.6 to 3.2.0-alpha.8 in /docs #1854
• Bump com.fasterxml.jackson:jackson-bom from 2.17.2 to 2.17.3 #1807
• Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 #1806
• Bump org.springframework.security:spring-security-bom from 6.3.4 to 6.3.5 #1833
• Bump org.springframework.security:spring-security-bom from 6.3.5 to 6.3.6 #1862
• Bump org.springframework:spring-framework-bom from 6.1.14 to 6.1.15 #1818
• Bump org.springframework:spring-framework-bom from 6.1.15 to 6.1.16 #1859
• Update Antora UI Spring to v0.4.18 #1825

Thank you to all the contributors who worked on this release:

@dependabot[bot] and @github-actions[bot]

• Polish #1842
• Polish diamond operator #1848
• Use empty map for missing additional parameters #1826

• Bump @antora/collector-extension from 1.0.0-beta.5 to 1.0.1 in /docs #1852
• Bump antora from 3.2.0-alpha.6 to 3.2.0-alpha.8 in /docs #1853
• Bump com.fasterxml.jackson:jackson-bom from 2.18.1 to 2.18.2 #1843
• Bump org.junit.jupiter:junit-jupiter from 5.11.3 to 5.11.4 #1864
• Bump org.springframework.security:spring-security-bom from 6.4.0 to 6.4.1 #1834
• Bump org.springframework.security:spring-security-bom from 6.4.1 to 6.4.2 #1863
• Bump org.springframework:spring-framework-bom from 6.2.0 to 6.2.1 #1858

Thank you to all the contributors who worked on this release:

@TheMrMilchmann, @dependabot[bot], and @ngocnhan-tran1996

• Add SPA sample using Backend For Frontend and Spring Cloud Gateway #1816

• Bump @antora/collector-extension from 1.0.0-beta.3 to 1.0.0-beta.5 in /docs #1829
• Bump com.fasterxml.jackson:jackson-bom from 2.18.0 to 2.18.1 #1792
• Bump com.nimbusds:nimbus-jose-jwt from 9.41.2 to 9.47 #1820
• Bump org-bouncycastle from 1.78.1 to 1.79 #1795
• Bump org.hsqldb:hsqldb from 2.7.3 to 2.7.4 #1804
• Bump org.springframework.security:spring-security-bom from 6.4.0-RC1 to 6.4.0 #1831
• Bump org.springframework:spring-framework-bom from 6.2.0-RC2 to 6.2.0-RC3 #1789
• Bump org.springframework:spring-framework-bom from 6.2.0-RC3 to 6.2.0 #1819
• Update Antora UI Spring to v0.4.18 #1822

Thank you to all the contributors who worked on this release:

@dependabot[bot] and @github-actions[bot]