Expected Behavior When I need to update my schema declarations, I'd like to know why. Please update the exception error message to correctly show the conflicting version. Or modify it that you need to use the current version?
Current Behavior
Currently, an exception is triggered when I still use spring-security-6.4.xsd in my configuration:
org.springframework.beans.factory.parsing.BeanDefinitionParsingException: Configuration problem: You cannot use a
spring-security-2.0.xsd or spring-security-3.0.xsd or spring-security-3.1.xsd schema or spring-security-3.2.xsd schema
or spring-security-4.0.xsd schema with Spring Security 6.5. Please update your schema declarations to the 6.5 schema.
Context Dependabot updated 6.4.5 to 6.5.0 and this error popped up. Since the message isn't very clear (referring to old versions), I had to check this out locally and fix it.
Comment From: jzheaux
Hi, @evandongen, Spring Security does not support XSD schemas across minor releases.
I think the error message is incomplete and should be updated to say something like "You cannot use any XSD older than spring-security-6.5.xsd. Either change to spring-security.xsd or spring-security-6.5.xsd".
Are you able to use spring-security.xsd instead or is there a reason you need to remain on a specific version of the XSD?
Comment From: evandongen
@jzheaux , no specific reason that I know of. If we can use the "spring-security.xsd", I suppose that's the latest version. Will we be able to use "spring-security.xsd" if we haven't updated to that version yet in our code? In other words: is it backwards compatible?
Comment From: jzheaux
Yes, spring-security.xsd is backwards compatible for minor and maintenance releases.