webauthn4j
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/ci.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pr-gate-ci.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/pr-gate-ci.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎build.gradle‎
Lines changed: 3 additions & 3 deletions b/‎build.gradle‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎package-lock.json‎
Lines changed: 10 additions & 0 deletions b/‎package-lock.json‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/webauthn/sample/app/config/WebSecurityConfig.java‎
Lines changed: 11 additions & 11 deletions b/‎samples/fido-server-conformance-test-app/src/main/java/com/webauthn4j/springframework/security/webauthn/sample/app/config/WebSecurityConfig.java‎
Lines changed: 11 additions & 11 deletions
@@ -72,5 +72,5 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: if not "${{ secrets.SONAR_TOKEN }}" == "" gradlew jacocoTestReport sonarqube check javadoc asciidoc -Dsonar.organization=webauthn4j -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+        run: if not "${{ secrets.SONAR_TOKEN }}" == "" gradlew jacocoTestReport sonar check javadoc asciidoc -Dsonar.organization=webauthn4j -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }}
         shell: cmd
@@ -64,5 +64,5 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: if not "${{ secrets.SONAR_TOKEN }}" == "" gradlew jacocoTestReport sonarqube check javadoc asciidoc -Dsonar.organization=webauthn4j -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }}
+        run: if not "${{ secrets.SONAR_TOKEN }}" == "" gradlew jacocoTestReport sonar check javadoc asciidoc -Dsonar.organization=webauthn4j -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${{ secrets.SONAR_TOKEN }}
         shell: cmd
@@ -18,16 +18,16 @@ buildscript {
     ext{
         //Plugins
         springBootVersion = '2.7.9'
-        sonarqubeVersion = '4.0.0.2929'
+        sonarqubeVersion = '3.5.0.2730'
         asciidoctorGradleVersion = "3.3.2"
         artifactoryVersion = '4.31.5'
         bintrayVersion = '1.8.5'
-        owaspDependencyCheckVersion = '8.1.0'
+        owaspDependencyCheckVersion = '8.1.2'
         httpBuilderVersion = '0.7.2'
 
         //Libraries
         webauthn4jVersion = '0.21.0.RELEASE'
-        springSecurityVersion = '5.7.6'
+        springSecurityVersion = '5.8.2'
         hibernateValidatorVersion = '6.2.5.Final'
         thymeleafVersion = '3.0.4.RELEASE'
         modelMapperVersion = '3.1.1'
 
@@ -103,7 +103,7 @@ public AuthenticationManager authenticationManager(List<AuthenticationProvider>
     public WebSecurityCustomizer webSecurityCustomizer() {
         return (web) -> {
             // ignore static resources
-            web.ignoring().antMatchers(
+            web.ignoring().requestMatchers(
                     "/favicon.ico",
                     "/static/**",
                     "/webjars/**");
@@ -144,21 +144,21 @@ public SecurityFilterChain filterChain(HttpSecurity http, AuthenticationManager
         http.addFilterAfter(fidoServerAssertionResultEndpointFilter, SessionManagementFilter.class);
 
         // Authorization
-        http.authorizeRequests()
-                .mvcMatchers("/").permitAll()
-                .mvcMatchers("/api/auth/status").permitAll()
-                .mvcMatchers(HttpMethod.GET, "/login").permitAll()
-                .mvcMatchers(HttpMethod.POST, "/api/profile").permitAll()
-                .mvcMatchers("/health/**").permitAll()
-                .mvcMatchers("/info/**").permitAll()
-                .mvcMatchers("/h2-console/**").denyAll()
-                .mvcMatchers("/api/admin/**").hasRole(ADMIN_ROLE)
+        http.authorizeHttpRequests()
+                .requestMatchers("/").permitAll()
+                .requestMatchers("/api/auth/status").permitAll()
+                .requestMatchers(HttpMethod.GET, "/login").permitAll()
+                .requestMatchers(HttpMethod.POST, "/api/profile").permitAll()
+                .requestMatchers("/health/**").permitAll()
+                .requestMatchers("/info/**").permitAll()
+                .requestMatchers("/h2-console/**").denyAll()
+                .requestMatchers("/api/admin/**").hasRole(ADMIN_ROLE)
                 .anyRequest().fullyAuthenticated();
 
         //TODO:
         http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
 
-        http.csrf().ignoringAntMatchers("/webauthn/**");
+        http.csrf().ignoringRequestMatchers("/webauthn/**");
 
         http.authenticationManager(authenticationManager);