fix(deps): update dependency org.springframework.security:spring-security-bom to v6.1.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.springframework.security:spring-security-bom (source)	6.1.0 -> 6.1.1

---

Release Notes

spring-projects/spring-security

v6.1.1

Compare Source

⭐ New Features

• Add initial Native section to reference docs #​13236
• Align Resource Server documentation with Boot's capabilities #​13239
• Convert to Asciidoctor Tabs #​13407
• Document How to Handle Method Security in Native Image #​13237
• Improve javadoc about deprecation of .and() and non-Customizer methods #​13273
• Make eclipse/vscode project import work #​13284
• Mention that authorizeHttpRequests does not support GrantedAuthorityDefaults #​13229
• mockOAuth2Login() does not work in collaboration with Spring Cloud Gateway and TokenRelayGatewayFilter #​13254
• Use Antora name of security #​13331

🪲 Bug Fixes

• Additional filters registered when using Custom DSL #​13282
• AOT Fails to proxy #​13369
• CasAuthenticationFilter.successfulAuthentication missing call to securityContextRepository.saveContext #​13243
• DefaultAuthorizationCodeTokenResponseClient.getTokenResponse(OAuth2AuthorizationCodeGrantRequest) can return null #​13223
• Deprecated hint on BasicAuthenticationFilter #​13279
• Document missing OAuth2LoginAuthenticationFilter set AuthorizationRequestRepository #​13193
• Fix Antora Warnings #​13294
• Fix constant value in XContentTypeOptionsServerHttpHeadersWriter #​13221
• Fix Documentation Title #​13318
• Fix legacy-websocket-configuration cross-reference #​13206
• Fix type on method-security.adoc #​13212
• http://www.springframework.org/schema/security/spring-security.xsd returns 404 #​13209
• Migration to EnableMethodSecurity break Transactional on custom PermissionEvaluator #​13218
• No longer maintained net.sourceforge.nekohtml with known security issues #​13287
• Provide meaningful error when invalid client-authentication-method is provided #​13309
• Proxy Server section is not linked in nav #​13324
• Use consistent list of micrometer tags in web observation handler #​13190
• UserBuilder does not allow authorities to be overridden #​13290

🔨 Dependency Upgrades

• Update cas-client-core to 4.0.2 #​13342
• Update com.nimbusds to 9.43.3 #​13335
• Update hsqldb to 2.7.2 #​13343
• Update io.projectreactor to 2022.0.8 #​13338
• Update io.rsocket to 1.1.4 #​13340
• Update io.spring.javaformat to 0.0.39 #​13341
• Update logback-classic to 1.4.8 #​13334
• Update micrometer-observation to 1.10.8 #​13337
• Update org.jetbrains.kotlin to 1.8.22 #​13344
• Update org.springframework to 6.0.10 #​13345
• Update org.springframework.data to 2022.0.7 #​13346
• Update reactor-netty to 1.1.8 #​13339
• Update spring-ldap-core to 3.0.4 #​13347
• Update unboundid-ldapsdk to 6.0.9 #​13336

❤️ Contributors

We'd like to thank all the contributors who worked on this release!

• @​dkorotych
• @​mariodmpereira

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.