Ask questionsspring-boot-starter-rsocket pom contains security dependencies
It appears that as of spring-boot-starter-rsocket-2.3.0.M1.pom it contains Spring Security dependencies that are being pulled in transitively. The dependencies are in 2.3.0.M2 and the latest 2.3.0.BUILD-SNAPSHOT:
<dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-config</artifactId> <scope>compile</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-web</artifactId> <scope>compile</scope> </dependency>
This means that simply adding the
spring-boot-starter-rsocket triggers the Spring Boot auto configuration for Security.
This was originally brought to my attention because @joshlong was having difficulties doing a demo and asked for my help. I haven't investigated the scope of the problem, so it would probably be good to check if other dependencies are impacted.
Answer questions rwinch
Thanks for the quick turnaround on this!