Restore dependency convergence of nimbus-jose-jwt

This commit reverts the change in 2801cdd which caused the oauth2-oidc-sdk transitive dependency version of nimbus-jose-jwt to diverge with the version depended on in spring-security-oauth2-jose. The downgrade to 9.24.4 is intentional but the upgrade to 9.31 was not. Issue gh-13333 Closes gh-13843
2025-05-31 09:12:14 +00:00 · 2023-10-09 11:49:00 -05:00 · 2023-10-09 11:49:00 -05:00 · 4ffece7e66
commit 4ffece7e66
parent dfae30a23f
1 changed files with 1 additions and 1 deletions
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@ -20,7 +20,7 @@ ch-qos-logback-logback-classic = "ch.qos.logback:logback-classic:1.4.11"
 com-fasterxml-jackson-jackson-bom = "com.fasterxml.jackson:jackson-bom:2.14.3"
 com-google-inject-guice = "com.google.inject:guice:3.0"
 com-netflix-nebula-nebula-project-plugin = "com.netflix.nebula:nebula-project-plugin:8.2.0"
-com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:9.31"
+com-nimbusds-nimbus-jose-jwt = "com.nimbusds:nimbus-jose-jwt:9.24.4"
 com-nimbusds-oauth2-oidc-sdk = "com.nimbusds:oauth2-oidc-sdk:9.43.3"
 com-squareup-okhttp3-mockwebserver = { module = "com.squareup.okhttp3:mockwebserver", version.ref = "com-squareup-okhttp3" }
 com-squareup-okhttp3-okhttp = { module = "com.squareup.okhttp3:okhttp", version.ref = "com-squareup-okhttp3" }