snyk-bot
1465a55a39
fix: pom.xml to reduce vulnerabilities
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
2022-03-26 02:16:56 +00:00
snyk-bot
20b04372d2
fix: upgrade com.google.code.gson:gson from 2.8.8 to 2.8.9
...
Snyk has created this PR to upgrade com.google.code.gson:gson from 2.8.8 to 2.8.9.
See this package in Maven Repository:
https://mvnrepository.com/artifact/com.google.code.gson/gson/
See this project in Snyk:
https://app.snyk.io/org/micah.silverman/project/cb87a9f4-731e-4a75-a25d-ca3272fdd00b?utm_source=github&utm_medium=referral&page=upgrade-pr
2022-02-28 18:05:54 -05:00
snyk-bot
82189f8418
fix: pom.xml to reduce vulnerabilities
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698
2022-01-31 16:25:40 -05:00
dependabot[bot]
2fb6d6bb9c
Bump bcprov-jdk15on from 1.60 to 1.67
...
Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java ) from 1.60 to 1.67.
- [Release notes](https://github.com/bcgit/bc-java/releases )
- [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html )
- [Commits](https://github.com/bcgit/bc-java/commits )
---
updated-dependencies:
- dependency-name: org.bouncycastle:bcprov-jdk15on
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-24 12:36:39 -05:00
Snyk bot
3e6c9e978c
fix: upgrade com.google.code.gson:gson from 2.8.5 to 2.8.8 ( #684 )
...
Snyk has created this PR to upgrade com.google.code.gson:gson from 2.8.5 to 2.8.8.
See this package in Maven Repository:
https://mvnrepository.com/artifact/com.google.code.gson/gson/
See this project in Snyk:
https://app.snyk.io/org/dogeared/project/76cafdc8-8c18-4705-9786-9703c2e293c9?utm_source=github&utm_medium=referral&page=upgrade-pr
2021-10-11 13:13:39 -04:00
Snyk bot
878d836347
fix: upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.7 to 2.12.5 ( #683 )
...
Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.7 to 2.12.5.
See this package in Maven Repository:
https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind/
See this project in Snyk:
https://app.snyk.io/org/dogeared/project/d56a851a-c55c-475b-bff7-40745a085073?utm_source=github&utm_medium=referral&page=upgrade-pr
2021-10-11 13:13:16 -04:00
Brian Demers
1118726d04
Update fork of coverall-maven-plugin fork
...
NOTE: This fork supports Clover for test coverage
2021-07-09 13:23:41 -04:00
dependabot[bot]
8ed4ab407e
Bump jackson-databind from 2.9.10.5 to 2.9.10.7
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.5 to 2.9.10.7.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-19 10:11:08 -05:00
dependabot[bot]
71ed1b67aa
Bump junit from 4.12 to 4.13.1
...
Bumps [junit](https://github.com/junit-team/junit4 ) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases )
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md )
- [Commits](https://github.com/junit-team/junit4/compare/r4.12...r4.13.1 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-10-13 14:48:06 -04:00
Brian Demers
dc120e8c54
Correcting dependabot version bump of Jackson to 2.9.10.5
2020-07-09 16:04:45 -04:00
dependabot[bot]
6f2c0c37aa
Bump jackson-databind from 2.9.10.4 to 2.10.0.pr1
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.4 to 2.10.0.pr1.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2020-07-09 16:04:45 -04:00
Les Hazlewood
14b2f19b29
[maven-release-plugin] prepare for next development iteration
2020-06-11 15:50:09 -04:00
Les Hazlewood
274749373f
[maven-release-plugin] prepare release 0.11.2
2020-06-11 15:50:00 -04:00
Les Hazlewood
26527bd43c
Updated the pom snapshot versions to prepare for the upcoming 0.11.2 release
2020-06-11 14:16:29 -04:00
Johannes Ballmann
82b870e283
Add support for jdk14 ( #590 )
2020-06-08 14:00:59 -04:00
dependabot[bot]
972591f87f
Bump jackson-databind from 2.9.10.3 to 2.9.10.4 ( #587 )
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.3 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-04-24 16:06:43 -04:00
Les Hazlewood
5616ba769a
[maven-release-plugin] prepare for next development iteration
2020-03-12 16:59:12 -04:00
Les Hazlewood
c09deaa5f3
[maven-release-plugin] prepare release 0.11.1
2020-03-12 16:59:05 -04:00
Les Hazlewood
c563365b97
Prepping for the 0.11.0 --> 0.11.1 release
2020-03-12 16:56:17 -04:00
dependabot[bot]
0fd59efc93
Bump jackson-databind from 2.9.10.1 to 2.9.10.3
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10.1 to 2.9.10.3.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2020-03-05 10:09:47 -05:00
Les Hazlewood
23743f5a59
[maven-release-plugin] prepare for next development iteration
2020-02-05 12:29:05 -08:00
Les Hazlewood
3cd48fade7
[maven-release-plugin] prepare release 0.11.0
2020-02-05 12:28:58 -08:00
Les Hazlewood
950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. ( #555 )
2020-02-04 00:10:39 -08:00
dependabot[bot]
eadf0ce4fc
Bump jackson-databind from 2.9.10 to 2.9.10.1 ( #532 )
...
Bumps [jackson-databind](https://github.com/FasterXML/jackson ) from 2.9.10 to 2.9.10.1.
- [Release notes](https://github.com/FasterXML/jackson/releases )
- [Commits](https://github.com/FasterXML/jackson/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2019-11-13 09:33:35 +01:00
Christian Schneider
bf7e300d6b
Remove extensions true, move jar plugin near bundle-plugin to show th… ( #514 )
...
* Remove extensions true, move jar plugin near bundle-plugin to show their configs are related
* Reverted to original version to make sure it still works on jdk7
2019-10-09 11:15:30 -04:00
Brian Demers
ebdb4426f6
Update version to 0.11.0-SNAPSHOT ( #506 )
...
via: `mvn versions:set -DnewVersion=0.11.0-SNAPSHOT -DgenerateBackupPoms=false`
2019-10-03 12:09:48 -04:00
Brian Demers
a0060d60f9
Fix duplicate japicmp plugin definition in root pom ( #504 )
...
Merge japicmp plugin definitions - caused by a merge
2019-09-30 14:59:21 -04:00
Brian Demers
6e74be0b8d
Fix split package issue in extensions/jackson and extensions/orgjson ( #488 )
...
* Fix split package issue in extensions/jackson and extensions/orgjson
This moves the implementation specific classes:
- `io.jsonwebtoken.io.Jackson*` to `io.jsonwebtoken.jackson.io.Jackson*`
- `io.jsonwebtoken.io.OrgJson*` to `io.jsonwebtoken.orgjson.io.OrgJson*`
* Add Backwards Compatibility Warning to CHANGELOG
* Add `jjwt-jackson:deprecated` and `jjwt-orgjson:deprecated` modules to retain backward-compatible versions of the Jackson and OrgJson Serializers (this is built with the shade plugin and binary compatibility validated with japicmp)
Fixes : #399
2019-09-27 17:11:19 -04:00
Christian Schneider
b5958202c0
Reenable using the manifest from maven-bundle-plugin run ( #503 )
...
* Reenable using the manifest from maven-bundle-plugin run
* Also enable manifest changes again
* Remove import tweaks. Add optional bnd.bnd config
2019-09-27 13:52:45 -04:00
Brian Demers
c246385be1
Updating to jackson-databind 2.9.10 ( #498 )
2019-09-25 14:28:34 -04:00
Brian Demers
b327aeab7e
Add support for testing with JDK11
...
There were a couple issues preventing running the build with Java 11
- A groovy bug - fixed with a version bump https://issues.apache.org/jira/browse/GROOVY-8727
- The ASM version that is embedded in easymock does NOT support Java 11 classes - worked around by stubbing out those usages instead
- javadoc modules issue - fixed by setting the Javadoc source version to 1.7
2019-09-24 18:57:06 -04:00
Brian Demers
5339faf87f
Add license-maven-plugin to mange headers
...
and apply missing headers
usage:
# validate license headers exist
mvn license:check
# apply headers (to files without headers)
mvn license:format
2019-09-17 16:19:07 -04:00
Brian Demers
718f357c58
Upgrade Jackson Databind 2.9.9.3
...
Fixes : #484
2019-09-12 17:45:36 -04:00
patton73
2bb8e4d02e
Fixes for reviews. Hope i did not forget something.
2019-07-17 22:46:18 +02:00
Andrea Paternesi
bb1fb76ce9
last fix to the pom?
2019-07-16 17:00:20 +02:00
Andrea Paternesi
262c527674
Fix locator paths and added tests.
2019-07-16 16:19:23 +02:00
Les Hazlewood
caa7b0e942
[maven-release-plugin] prepare for next development iteration
2019-07-11 20:12:25 -04:00
Les Hazlewood
b292b891ca
[maven-release-plugin] prepare release 0.10.7
2019-07-11 20:12:20 -04:00
Les Hazlewood
4ae8f6d9c9
Issue 461: upgraded Jackson version to 2.9.9.1. Fixes #461 .
2019-07-11 16:05:52 -04:00
Les Hazlewood
70e6845b82
Ensure version is 0.10.7-SNAPSHOT to prep for the next release.
2019-03-10 11:59:31 -04:00
Micah Silverman
af73a02786
[maven-release-plugin] prepare for next development iteration
2019-02-25 13:33:47 -05:00
Micah Silverman
d29d6da989
[maven-release-plugin] prepare release jjwt-root-0.10.6
2019-02-25 13:33:39 -05:00
Micah Silverman
79507b9f66
udpated jackson databind version to fix security vulnerability
2019-02-21 14:44:49 -08:00
Les Hazlewood
1839ebf5e8
# This is a combination of 2 commits.
...
# This is the 1st commit message:
[maven-release-plugin] prepare for next development iteration
# This is the commit message #2 :
rebased from master before merge
2018-08-07 13:59:15 -04:00
Les Hazlewood
d7071faeae
[maven-release-plugin] prepare release 0.10.2
2018-08-07 13:43:48 -04:00
Les Hazlewood
f19c34a763
Ensured JJWT's org.json use is compatible with Android's org.json API as defined in https://developer.android.com/reference/org/json/package-summary . Resolves #380 .
2018-08-07 13:32:20 -04:00
Les Hazlewood
5e5f29d8b1
[maven-release-plugin] prepare release 0.10.1
2018-08-02 17:30:09 -04:00
Les Hazlewood
7f662627cc
Ensured BouncyCastle was optional. Also ensured EllipticCurve algorithms could be used without BouncyCastle since the JDK supports EC by default. Moved RuntimeEnvironment.enableBouncyCastleIfPossible() call out of SignatureAlgorithm into RsaProvider since BC is only necessary for RSASSA-PSS algorithms (PS256, PS384, PS512) and nothing else in JJWT's codebase.
...
Resolves #372
2018-08-02 16:59:59 -04:00
Les Hazlewood
b58e1b6dc5
[maven-release-plugin] prepare for next development iteration
2018-08-01 18:10:41 -04:00
Les Hazlewood
6b980553cf
[maven-release-plugin] prepare release 0.10.0
2018-08-01 18:10:34 -04:00