Skip to content

Bump keycloak.version from 26.6.0 to 26.6.4 in /conf/keycloak/builtin-users-spi#12510

Merged
pdurbin merged 1 commit into
developfrom
dependabot/maven/conf/keycloak/builtin-users-spi/keycloak.version-26.6.4
Jul 2, 2026
Merged

Bump keycloak.version from 26.6.0 to 26.6.4 in /conf/keycloak/builtin-users-spi#12510
pdurbin merged 1 commit into
developfrom
dependabot/maven/conf/keycloak/builtin-users-spi/keycloak.version-26.6.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps keycloak.version from 26.6.0 to 26.6.4.
Updates org.keycloak:keycloak-server-spi from 26.6.0 to 26.6.4

Release notes

Sourced from org.keycloak:keycloak-server-spi's releases.

26.6.4

26.6.3

... (truncated)

Commits
  • dc1bfc5 Set version to 26.6.4
  • 39d40b1 fix(keycloak-admin-client): fix JS failures due to Kiota bug (#49643)
  • d459fc3 Upgrade to Quarkus 3.33.2.1 (#776)
  • 6d61885 CVE-2026-11800 Remove support for symmetric algorithms in JWT public key vali...
  • 32cdceb Consider case-sensitivity when validating prohibited schemes of client URIs (...
  • 1bc0dd3 Restrict java keystore files to a realm folder (#703)
  • be81d60 CVE-2026-9705 check if client is enabled when RAT is used
  • 11b83fc GroupResource.addChild missing requireManage(child) (#707)
  • e5507d9 [26.6] Missing requireMapClientScope in ScopeMappedResource and ScopeMappedCl...
  • bdb4db3 Skip owner managed resources when enforcement mode is set to permissive (#692)
  • Additional commits viewable in compare view

Updates org.keycloak:keycloak-server-spi-private from 26.6.0 to 26.6.4

Release notes

Sourced from org.keycloak:keycloak-server-spi-private's releases.

26.6.4

26.6.3

... (truncated)

Commits
  • dc1bfc5 Set version to 26.6.4
  • 39d40b1 fix(keycloak-admin-client): fix JS failures due to Kiota bug (#49643)
  • d459fc3 Upgrade to Quarkus 3.33.2.1 (#776)
  • 6d61885 CVE-2026-11800 Remove support for symmetric algorithms in JWT public key vali...
  • 32cdceb Consider case-sensitivity when validating prohibited schemes of client URIs (...
  • 1bc0dd3 Restrict java keystore files to a realm folder (#703)
  • be81d60 CVE-2026-9705 check if client is enabled when RAT is used
  • 11b83fc GroupResource.addChild missing requireManage(child) (#707)
  • e5507d9 [26.6] Missing requireMapClientScope in ScopeMappedResource and ScopeMappedCl...
  • bdb4db3 Skip owner managed resources when enforcement mode is set to permissive (#692)
  • Additional commits viewable in compare view

Updates org.keycloak:keycloak-services from 26.6.0 to 26.6.4

Release notes

Sourced from org.keycloak:keycloak-services's releases.

26.6.4

26.6.3

... (truncated)

Commits
  • dc1bfc5 Set version to 26.6.4
  • 39d40b1 fix(keycloak-admin-client): fix JS failures due to Kiota bug (#49643)
  • d459fc3 Upgrade to Quarkus 3.33.2.1 (#776)
  • 6d61885 CVE-2026-11800 Remove support for symmetric algorithms in JWT public key vali...
  • 32cdceb Consider case-sensitivity when validating prohibited schemes of client URIs (...
  • 1bc0dd3 Restrict java keystore files to a realm folder (#703)
  • be81d60 CVE-2026-9705 check if client is enabled when RAT is used
  • 11b83fc GroupResource.addChild missing requireManage(child) (#707)
  • e5507d9 [26.6] Missing requireMapClientScope in ScopeMappedResource and ScopeMappedCl...
  • bdb4db3 Skip owner managed resources when enforcement mode is set to permissive (#692)
  • Additional commits viewable in compare view

Updates org.keycloak:keycloak-model-jpa from 26.6.0 to 26.6.4

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps `keycloak.version` from 26.6.0 to 26.6.4.

Updates `org.keycloak:keycloak-server-spi` from 26.6.0 to 26.6.4
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@26.6.0...26.6.4)

Updates `org.keycloak:keycloak-server-spi-private` from 26.6.0 to 26.6.4
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@26.6.0...26.6.4)

Updates `org.keycloak:keycloak-services` from 26.6.0 to 26.6.4
- [Release notes](https://github.com/keycloak/keycloak/releases)
- [Commits](keycloak/keycloak@26.6.0...26.6.4)

Updates `org.keycloak:keycloak-model-jpa` from 26.6.0 to 26.6.4

---
updated-dependencies:
- dependency-name: org.keycloak:keycloak-server-spi
  dependency-version: 26.6.4
  dependency-type: direct:production
- dependency-name: org.keycloak:keycloak-server-spi-private
  dependency-version: 26.6.4
  dependency-type: direct:production
- dependency-name: org.keycloak:keycloak-services
  dependency-version: 26.6.4
  dependency-type: direct:production
- dependency-name: org.keycloak:keycloak-model-jpa
  dependency-version: 26.6.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 2, 2026
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown

Test Results

403 tests  ±0   388 ✅ ±0   38m 6s ⏱️ +43s
 55 suites ±0    15 💤 ±0 
 55 files   ±0     0 ❌ ±0 

Results for commit 7a91cdd. ± Comparison against base commit 741c5da.

@qqmyers qqmyers moved this to Ready for Triage in IQSS Dataverse Project Jul 2, 2026
@github-project-automation github-project-automation Bot moved this from Ready for Triage to Ready for QA ⏩ in IQSS Dataverse Project Jul 2, 2026
@pdurbin pdurbin moved this from Ready for QA ⏩ to QA ✅ in IQSS Dataverse Project Jul 2, 2026
@pdurbin pdurbin merged commit 0df5da7 into develop Jul 2, 2026
10 checks passed
@github-project-automation github-project-automation Bot moved this from QA ✅ to Merged 🚀 in IQSS Dataverse Project Jul 2, 2026
@dependabot dependabot Bot deleted the dependabot/maven/conf/keycloak/builtin-users-spi/keycloak.version-26.6.4 branch July 2, 2026 20:00
@pdurbin pdurbin removed their assignment Jul 2, 2026
@pdurbin pdurbin added this to the 6.12 milestone Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

Status: Merged 🚀

Development

Successfully merging this pull request may close these issues.

2 participants