Plone.session

------------------

Bug fixes:


- Do not set an auth cookie after password reset, unless the user is authenticated.
Otherwise anonymous users will be logged in immediately, even when autologin after password reset is false.
Fixes `issue 3835 <https://github.com/plone/Products.CMFPlone/issues/3835>`_.
[maurits] (3835)


Internal:


- Update configuration files.
[plone devs] (7723aeaf)

------------------

Bug fixes:


- Remove circular dependency on Products.CMFPlone. Use moved imports from plone.base instead.
[jensens] (38)


Internal:


- Update configuration files.
[plone devs] (a533099d)

------------------

Bug fixes:


- Declare all dependencies.
[gforcada] (1)

------------------

Internal:


- Update code to current Plone meta standards.
[gforcada, maurits] (1)

------------------

Bug fixes:


- Final release for Plone 6.0.0 (600)

--------------------

New features:


- Creating per-user keyrings in order to have session invalidation on log-out (server-side logout). [david-batranu] (26)
- Cookie attribute SameSite is set to "Lax". (29)