Skip to content

Null safety via JSpecify #16882

New issue
New issue
Open
2 of 5 issues completed
Open
Null safety via JSpecify#16882
2 of 5 issues completed
Assignees
rwinch
Labels
type: enhancementA general enhancementtype: themeAn issue that describes a theme for a release
Milestone
7.0.x
@rwinch

Description

@rwinch
rwinch
opened on Apr 4, 2025 · edited by rwinch
Member

Spring Security should adopt JSpecify for Null safety as is done in Spring Framework

Related spring-projects/spring-framework#28797

Notes on Changes

Prior to this work, passwords were sometimes treated as never null, but the reality is that they could be null (when clearCredentials was invoked). This inconsistency was also present in APIs (e.g. PasswordEncoder) that produced and consumed passwords. The semantic meaning of a null password is now clearly defined as no password for the user.

NOTE: This is done in the parent issue vs each module because things like nullability of passwords impacts more than just the core project where the API is defined.

Sub-issues

Sub-issues

2 of 5 Issues completed

Activity

rwinch
added
type: enhancementA general enhancement
type: themeAn issue that describes a theme for a release
on Apr 4, 2025
rwinch
added this to the 7.0.x milestone on Apr 4, 2025
rwinch
self-assigned this
on Jul 15, 2025
rwinch
added sub-issues on Jul 16, 2025
rwinch
added a commit that references this issue on Jul 22, 2025

Add spring nullability

bc4ec39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

type: enhancementA general enhancementtype: themeAn issue that describes a theme for a release

Type

No type

Projects

No projects

Milestone

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @rwinch

      Issue actions
        Null safety via JSpecify · Issue #16882 · spring-projects/spring-security