As of #17534, JSpecify annotations have been introduced in spring-security-core.
SecurityContext.getAuthentication returns a @Nullable value, but the AuthenticationTrustResolver counterpart is out of sync.
The AuthenticationTrustResolver interface is missing @Nullable annotations for isAnonymous, isRememberMe and isFullyAuthenticated as they all take nullable Authentication parameters per Javadoc.
Comment From: rwinch
Thanks for the report @bclozel! I closed this in favor of the PR gh-17774