Bump io.jsonwebtoken:jjwt-impl from 0.12.5 to 0.12.6
Bumps io.jsonwebtoken:jjwt-impl from 0.12.5 to 0.12.6.
Release notes
Sourced from io.jsonwebtoken:jjwt-impl's releases.
0.12.6
This patch release:
- Ensures that after successful JWS signature verification, an application-configured Base64Url
Decoder
output is used to construct aJws
instance (instead of JJWT's default decoder). See jwtk/jjwt#947.- Fixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a
zip
header ofGZIP
. See jwtk/jjwt#949.- Upgrades BouncyCastle to 1.78 via jwtk/jjwt#941
- Usees Acsiidoc as README format by
@bdemers
in jwtk/jjwt#777- Allows using GenericSecret for HmacSHA* algorithms by
@mnylen
in jwtk/jjwt#935- Enables JWE arbitrary content compression by
@mnylen
in jwtk/jjwt#937New Contributors
@mnylen
made their first contribution in jwtk/jjwt#935Full Changelog: https://github.com/jwtk/jjwt/compare/0.12.5...0.12.6
Changelog
Sourced from io.jsonwebtoken:jjwt-impl's changelog.
0.12.6
This patch release:
- Ensures that after successful JWS signature verification, an application-configured Base64Url
Decoder
output is used to construct aJws
instance (instead of JJWT's default decoder). See Issue 947.- Fixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a
zip
header ofGZIP
. See Issue 949.- Upgrades BouncyCastle to 1.78 via PR 941.
Commits
-
0df9756
[maven-release-plugin] prepare release 0.12.6 -
aacdfdc
- Updated README.adoc:project-version:
to be0.12.6
. -
d14f27b
Bump org.bouncycastle:bcprov-jdk18on from 1.76 to 1.78 (#941) -
0c2d96c
Fixes #949 (#950) -
a7de554
Fixes #947 (#948) -
7543248
Bump org.bouncycastle:bcpkix-jdk18on from 1.76 to 1.78 (#943) -
3489fdb
JWE arbitrary content compression (#937) -
23d9a33
Allow using GenericSecret for HmacSHA* (#935) -
c673b76
Update SECURITY.md -
2694861
Use Acsiidoc as README format (#777) - Additional commits viewable in compare view
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot recreate
will recreate this MR rewriting all the manual changes and resolving conflicts