Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WFLY-19108] Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6 #17696

Merged
merged 1 commit into from Mar 8, 2024
Merged

[WFLY-19108] Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6 #17696

merged 1 commit into from Mar 8, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 6, 2024
edited by wildfly-bot bot

Bumps org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6.

Commits
  • e2bdbdf [maven-release-plugin] prepare for next development iteration
  • 3e97f62 Attempt to provide somewhat better error messages for invalid JWTs (especiall...
  • 8b2316f JsonWebKey.Factory.newJwk(Key key) to throw an exception when given a private...
  • fa33e98 Fix JWKS key resolution for ECDH-ES* decryption with OKP keys (issue #218)
  • db3a62d Add option for SimpleJwkFilter to use more than one kty value as criteria
  • 93247d8 [maven-release-plugin] prepare release jose4j-0.9.5
  • 996b337 [maven-release-plugin] prepare for next development iteration
  • a3a21a6 discontinue use wrapper class constructors that are deprecated for removal (t...
  • 19a90a6 Safeguard against excessive resource utilization by restricting the size of d...
  • 46f3a2a [maven-release-plugin] prepare release jose4j-0.9.6
  • See full diff in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

<--- THIS SECTION IS AUTOMATICALLY GENERATED BY WILDFLY GITHUB BOT. ANY MANUAL CHANGES WILL BE LOST. --->

Wildfly issue links:

<--- END OF WILDFLY GITHUB BOT REPORT --->

@dependabot
Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6
9c9ade1 
Bumps [org.bitbucket.b_c:jose4j](https://bitbucket.org/b_c/jose4j) from 0.9.4 to 0.9.6.
- [Commits](https://bitbucket.org/b_c/jose4j/branches/compare/jose4j-0.9.6..jose4j-0.9.4)

---
updated-dependencies:
- dependency-name: org.bitbucket.b_c:jose4j
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Mar 6, 2024
@wildfly-bot wildfly-bot
Copy link

wildfly-bot bot commented Mar 6, 2024

WildFly Bot recognized this PR as dependabot dependency update. Please create a WFLY issue and add new comment containing this JIRA link please.

@github-actions github-actions bot added the deps-ok Dependencies have been checked, and there are no significant changes label Mar 6, 2024
@darranl darranl self-requested a review March 8, 2024 18:12
@darranl
Copy link
Contributor

darranl commented Mar 8, 2024

SmallRye JWT is at 0.9.6 https://github.com/smallrye/smallrye-jwt/blob/main/pom.xml#L40

@darranl darranl changed the title Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6 [WFLY-19108] Bump org.bitbucket.b_c:jose4j from 0.9.4 to 0.9.6 Mar 8, 2024
@darranl
Copy link
Contributor

darranl commented Mar 8, 2024

https://issues.redhat.com/browse/WFLY-19108

@darranl
Copy link
Contributor

darranl commented Mar 8, 2024

Also tested against WildFly Elytron CI wildfly-security/wildfly-elytron#2102

@bstansberry bstansberry merged commit 5216b80 into main Mar 8, 2024
13 of 15 checks passed
@bstansberry
Copy link
Contributor

Thanks @darranl

@dependabot dependabot bot deleted the dependabot/maven/org.bitbucket.b_c-jose4j-0.9.6 branch March 8, 2024 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@darranl darranl darranl approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file deps-ok Dependencies have been checked, and there are no significant changes java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
2 participants
@darranl @bstansberry