fix(deps): update keycloak.version to v25.0.6 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.keycloak:keycloak-model-storage (source)	25.0.0 -> 25.0.6
org.keycloak:keycloak-server-spi-private (source)	25.0.0 -> 25.0.6
org.keycloak.bom:keycloak-spi-bom (source)	25.0.0 -> 25.0.6

---

Release Notes

keycloak/keycloak (org.keycloak:keycloak-model-storage)

v25.0.6

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Bugs

• #​30604 Network response was not OK. saml
• #​31165 Re-enabling a temporarily locked user (brute-force) deletes all user properties and attributes admin/ui
• #​32100 Remember Me with External Infinispan is not works properly infinispan
• #​32578 WebAuthn Flows Broken in login.v2 login/ui
• #​32643 Dots are not allowed in the path in Hostname v2 dist/quarkus
• #​32731 KeyCloak Admin Client uses non-standard `@NoCache` annotation which is an issue for Quarkus admin/client-java
• #​32799 Realm import fails when client configures default_acr values import-export
• #​32870 Increased DB activity due to changes in LDAPStorageManager.searchForUserByUserAttributeStream ldap
• #​33115 CVE-2024-8883 Vulnerable Redirect URI Validation Results in Open Redirect
• #​33116 CVE-2024-8698 Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak

v25.0.5

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Bugs

• #​32084 SAML adapter IdMapperUpdaterSessionListener not executed when session ID changes adapter/saml
• #​32754 CVE-2024-7341 Session fixation in the SAML adapters adapter/saml

v25.0.4

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​31963 Upgrade to Infinispan 15.0.7.Final

Bugs

• #​31299 NPM library of account-ui is unusable (@​keycloak/keycloak-account-ui version 25.0.1) account/ui
• #​31304 Hide save / update buttons in account console for READ_ONLY federated accounts account/ui
• #​31340 Hidden options shown in help all dist/quarkus
• #​31386 Joining group for user doesn't list correct number of groups admin/ui
• #​31466 Duplicate Key "validatingX509CertsHelp" in admin-ui messages admin/ui
• #​31519 Admin API extremely slow with service account and fine-grained authorization `view-users` admin/fine-grained-permissions
• #​31545 Event tables have broken aria-labels admin/ui
• #​31558 MSSQL test container can't start ci
• #​31598 CURL commands in build don't check the response code ci
• #​31633 localization not work with user attribute display name in users add admin/ui
• #​31687 "Use metadata descriptor URL" switch is always set to "On" admin/ui
• #​31718 Documentation for `Delete Credential` action and related changes authentication
• #​31781 Keycloak 25 SAML IdP has made Single Logout URL mandatory. saml
• #​31835 Windows builds fail too often due to problems with the download of Node ci
• #​31918 Network error attempting to view events without permissions admin/ui
• #​31929 Network error attempting to view user registeration without permissions admin/ui
• #​32059 Look around window cannot be set to 0 admin/ui
• #​32127 Offline session bug on 25.0.2 core
• #​32150 Session list doesn't handle non-existing client gracefully core
• #​32178 Table names for persistent sessions upgrading guide is wrong docs
• #​32180 Session list not appearing: SQL Error "The incoming request has too many parameters"
• #​32195 Migration to persistent sessions fails from Keycloak version <22 storage

v25.0.2

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​30094 Do not inherit 'https-client-auth' property for the management interface
• #​30537 Document how Admin REST API endpoints work with Hostname config docs
• #​30856 Remove inclusive language foreword docs

Bugs

• #​19070 authBaseUrl error on different hostname-admin-url, hostname-url admin/ui
• #​26042 Issue when start-dev in 23.0.1 dist/quarkus
• #​28489 Missing help text on tokens tab admin/ui
• #​29407 Need refresh attributes group translations on Users > Details tab admin/ui
• #​29566 User Profile attributes/groups in Admin UI are not translated using Localization for non-master realm when signed in the master realm account/ui
• #​29761 bug: disabling all default features no longer works core
• #​29784 Exception while trying to run a LDAP sync with a group importer and a batch size less then the actual number of groups ldap
• #​30329 Client secret rotation UI shows wrong rotated secret admin/ui
• #​30355 New operator failing on health checks operator
• #​30383 Account Console (v3) no longer highlights the current page in the nav bar account/ui
• #​30436 Client Roles are not shown when clientId property is set admin/ui
• #​30440 UI theme bug in KC 25.0.0 admin/ui
• #​30444 Failed to evaluate permissions when fetchRoles is enabled on role policies authorization-services
• #​30449 Migration stuck if versions incompatible operator
• #​30521 "Client Offline Session Max" no longer available admin/ui
• #​30541 Account UI resources try to load from admin path instead of frontend path account/ui
• #​30552 After migrating from 24 to 25, the signature algorithms names do not display in drop down menu admin/ui
• #​30591 Invalid character in spanish translation file for Identity Provider Link Template translations
• #​30652 Default server port is used instead of the management interface port in the guide about running Keycloak in a container
• #​30662 User policy -> select user shows user id instead of user name. admin/ui
• #​30712 Remove of Multivalued Attribute due to - Adding translations when a new attribute is created admin/ui
• #​30717 Broken external links docs
• #​30821 Testing connection to ldap on the settings page does not work in 25.0.1 ldap
• #​30837 Cannot find requested client with clientId ldap
• #​30866 admin-cli invalid credentials admin/cli
• #​30917 reCAPTCHA Enterprise v3 - Unrecognized field "accountDefenderAssessment" core
• #​30947 Error when trying to edit authentication sub-flow name / description admin/ui
• #​30992 Realm cannot be deleted if there are tons of consents storage
• #​31014 "Verify Email" may cause other Required Actions to be ignored authentication
• #​31050 Caching docs should name parameter runtime parameters, not build parameters docs
• #​31146 IDP SAML Certificate should be text-area not text admin/ui
• #​31167 After creating a new authentication flow and returning to the list, the "Used by" column displays "flow.undefined" admin/ui
• #​31171 Single use tokens, like action tokens, has a claim `expiration` core
• #​31187 Recaptcha links changed in the Google Docs docs
• #​31196 The check for userdn in test ldap should consider that AD proxy user can be in non DN format ldap
• #​31218 Clarify if JGroups thread metrics can be shown with embedded Infinispan
• #​31219 [Docs] Broken link in Server Admin guide for JWT_Auth wiki docs
• #​31224 Offline tokens created in Keycloak 9 will not work on Keycloak 25 oidc
• #​31244 IdP redirect URL shows hostname_admin admin/ui
• #​31267 multiple ldap url's not working on one realm ldap

v25.0.1

Compare Source

Upgrading

Before upgrading refer to the migration guide for a complete list of changes.

All resolved issues

Enhancements

• #​19750 Use a proper FreeMarker template for the new consoles account/ui
• #​30346 Enhance masking around config-keystore dist/quarkus

Bugs

• #​25234 front channel logout to clients are not called at Identity Proxy when using front channel logout to Identity Provider( oidc
• #​28643 Encountering `NullPointerException` - `KeycloakIdentity.getUserFromToken()` when running `admin-ui` locally admin/ui
• #​30115 Admin v2 theme - theme.properties Custom theme scripts not loading admin/ui
• #​30201 Keycloak CI - failure in Store IT (aurora-postgres) ci
• #​30240 Custom attributes are removed during UPDATE PROFILE event core
• #​30300 Upgrade to Keycloak 25 - Table 'USER_CONSENT' is specified twice on MySQL/MariaDB database core
• #​30302 Methods of SimpleHttp are after change now too much protected core
• #​30306 Upgrade to Keycloak 25 - Events bug in UI admin/ui
• #​30332 Operator fails to patch ingress after update to 25.0.0 operator
• #​30334 RESTART_AUTHENTICATION_ERROR when login in in private browser window after 25.0.0 update core
• #​30351 Migration of sessions in KC25 should run only on migration, not on imports
• #​30368 Documentation : label error for persistent-user-sessions feature flag docs
• #​30417 Keycloak 25 db guide shows unevaluated "ifeval docs
• #​30432 keycloak hostname:v2 /admin used on "hostname" instead of "hostname-admin" admin/ui
• #​30434 Improvements for ldap test authentication ldap
• #​30492 partial_import_test fails randomly admin/ui

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud