chore(deps): update plugin-deps

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.apache.maven.plugins:maven-surefire-report-plugin	3.5.1 -> 3.5.2
org.apache.maven.plugins:maven-surefire-plugin	3.5.1 -> 3.5.2
com.fasterxml.jackson.core:jackson-core	2.18.0 -> 2.18.1
org.keycloak:keycloak-crypto-default (source)	26.0.0 -> 26.0.5
org.keycloak:keycloak-saml-core (source)	26.0.0 -> 26.0.5
org.keycloak:keycloak-services (source)	26.0.0 -> 26.0.5
org.keycloak:keycloak-server-spi-private (source)	26.0.0 -> 26.0.5
org.keycloak:keycloak-server-spi (source)	26.0.0 -> 26.0.5
org.keycloak:keycloak-core (source)	26.0.0 -> 26.0.5

---

Release Notes

keycloak/keycloak (org.keycloak:keycloak-crypto-default)

v26.0.5

Compare Source

Highlights

LDAP users are created as enabled by default when using Microsoft Active Directory

If you are using Microsoft AD and creating users through the administrative interfaces, the user will created as enabled by default.

In previous versions, it was only possible to update the user status after setting a (non-temporary) password to the user. This behavior was not consistent with other built-in user storages as well as not consistent with others LDAP vendors supported by the LDAP provider.

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Bugs

• #​31415 Selection list does not close after outside click admin/ui
• #​33607 Fix v2 login layout login/ui
• #​33618 No message for `policyGroupsHelp` admin/ui
• #​33640 Customizable footer (Keycloak 26) not displaying in keycloak.v2 login theme login/ui
• #​34301 Remove inaccurate statement about master realm imports docs
• #​34450 [26.0.2] Migration from 25.0.1 Identity Provider Errors identity-brokering
• #​34467 Do not rely on the `pwdLastSet` attribute when updating AD entries ldap

v26.0.4

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​34284 Keycloak-admin-client should work with the future versions of Keycloak server admin/client-java
• #​34382 Make the organization chapter of Server Admin guide available on downstream

Bugs

• #​14562 Broken Promise implementation for AuthZ JS adapter/javascript
• #​25917 Allow increasing wait time on each failure after the max number of failures is reached authentication
• #​33627 ClassNotFoundException OracleXADataSource/OracleDataSource using IDELauncher with Keycloak 26.0.0 dist/quarkus
• #​33731 Client Scope updates are not replicated on a distributed keycloak setup in kubernetes admin/api
• #​33798 CVE-2021-44549 - org.eclipse.angus/angus-mail: Enabling Secure Server Identity Checks for Safer SMTPS Communication dist/quarkus
• #​33987 keycloak.v2 registration: Password policy validation error "errorList is null" login/ui
• #​34042 LDAP Pagination not working for role membership in GET_ROLES_FROM_USER_MEMBEROF_ATTRIBUTE strategy ldap
• #​34050 Listing federated LDAP users is very slow with import enabled ldap
• #​34093 java.util.ConcurrentModificationException when process user sessions update infinispan
• #​34412 LDAP: searching users with import disabled is slower since fix for 34050 ldap

v26.0.3

Compare Source

v26.0.2

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​32110 [Documentation] - Configuring trusted certificates - Fully specify truststore path dist/quarkus

Bugs

• #​15635 oidc - JavaScript-Adapter LocalStorage#clearExpired does not clear all possible items adapter/javascript
• #​19101 Uncaught (in promise): QuotaExceededError adapter/javascript
• #​20287 When using `oidcProvider` config url (.well-known) it's not possible to use `silentCheckSsoRedirectUri` adapter/javascript
• #​28978 some GUI validation check missing admin/ui
• #​30832 Organization API not available from OpenAPI documentation admin/api
• #​31724 Logout not working after removing Identity Provider of user identity-brokering
• #​33072 Passkeys: Infinite (re-)loading loop on browsers with WebAuthn Conditional UI disabled authentication/webauthn
• #​33844 Wrong documentation link in keycloak-js readme docs
• #​33902 Not persisted config settings prevent server start dist/quarkus
• #​33948 [PERF] OpenTelemetry is initialized even when disabled
• #​33968 Not possible to close dialog boxes when clicking buttons or the close icon admin/ui
• #​33991 Doc CI - broken links error docs
• #​34009 grammatical error in "Managing Organizations" documentation docs
• #​34015 Home URL for security-admin-console is broken admin/ui
• #​34028 Custom keycloak login theme styles.css return error 404 login/ui
• #​34049 Org Invite: `linkExpiration` template variable represents 54 years in minutes organizations
• #​34063 Respect the locale set to a user when redering verify email pages user-profile
• #​34069 Do not show domain match message in the identity-first login when no login hint is provided organizations
• #​34075 Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled ci
• #​34095 Keycloak 26.0.0/26.0.1 Import Issue: Multiple Realms Not Imported, Duplicated Realm Imported Instead import-export
• #​34151 JS password validation doesn't work as intended with uppercase and lowercase minimum requirements login/ui
• #​34155 cli options starting or ending with ; or containing ;; mangle the cli handling dist/quarkus
• #​34224 Deleting a user leads to ISPN marshalling exception

v26.0.1

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​32152 Clarify the behaviour of multiple Operator versions installed in the same cluster operator
• #​33275 Better logging when error happens during transaction commit storage

Bugs

• #​8935 keycloak.js example from the documentation leads to error path adapter/javascript
• #​19358 Issue with concurrent user & group delete, unable to cleanup resource server user-policy & group-policy authorization-services
• #​31848 Repeated email verifications while logging in through IDP caused by email case sensitivity authentication
• #​32266 LDAP Import: KERBEROS_PRINCIPAL not updated when UserPrincipal changes and user already exists ldap
• #​32617 Nightly Cypress tests for the Admin Console are failing on Firefox admin/ui
• #​32844 Login V2: Missing "dir" attributes login/ui
• #​32847 Admin UI defaults to master realm even without permissions to it admin/ui
• #​32962 Possible issue with unavailable CryptoIntegration when using keycloak-authz-client with private_key_jwt and ECDSA algorithm oidc
• #​33513 Can get authorization code on a non verified user with some specific kc_action (AIA) oidc
• #​33539 Keycloak In Docker: ERROR: Strict hostname resolution configured but no hostname setting provided docs
• #​33549 Flaky test: org.keycloak.testsuite.broker.KcOidcBrokerTest#testPostBrokerLoginFlowWithOTP_bruteForceEnabled ci
• #​33557 Unable to submit forms in Safari account/ui
• #​33576 Broken links / anchors after KC26 release docs
• #​33578 In imported realms, the ability to use environment variables has disappeared import-export
• #​33585 Fix runaway asterisk formatting in TLS documentation docs
• #​33638 Non-optimized start command gives erroneous warnings for runtime spi options dist/quarkus
• #​33642 RTL not working on keycloak.v2 login template login/ui
• #​33645 keycloak-js register broken: createRegisterUrl not awaited adapter/javascript
• #​33699 Failure to redirect to organization IdP when the organization scope is included organizations
• #​33735 Organizations section is shown in account console if organizations is not enabled for a realm. account/ui
• #​33776 [Regression] 26.0.0 return empty "access: []" JWT for Docker-v2 Auth provider, resulting in "access denied" authentication
• #​33777 Error when adding or removing a user from an organisation when there are 2 or more Keycloak servers in a cluster organizations
• #​33780 Upgrade to 26 fails with 'ERROR: index "idx_us_sess_id_on_cl_sess" does not exist' core
• #​33814 NPE when device representation cannot be parsed authentication
• #​33817 NEP when Default Role is not present on CachedRealm infinispan
• #​33874 [Keycloak CI] - AuroraDB IT - Error creating EC2 runner instance
• #​33875 [Keycloak CI] - FIPS IT - Failed to fetch maven
• #​33883 Auth not possible for auth session where user was enabled in the meantime authentication
• #​33907 NPE thrown in whoami endpoint admin/ui
• #​33967 password is a required field admin/ui

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.