honeymoose
/
jjwt
mirror of https://github.com/jwtk/jjwt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
514 Commits 16 Branches 33 Tags 154 MiB
Commit Graph

130 Commits

Author SHA1 Message Date
dependabot[bot] c260e55f6e
Bump json from 20220320 to 20230227 (#776) 
Bumps [json](https://github.com/douglascrockford/JSON-java) from 20220320 to 20230227.
- [Release notes](https://github.com/douglascrockford/JSON-java/releases)
- [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md)
- [Commits](https://github.com/douglascrockford/JSON-java/commits)

---
updated-dependencies:
- dependency-name: org.json:json
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-17 12:06:14 -07:00
Brian Demers f6aa291e94 Pins version of maven-resources-plugin to 3.1.0 
Versions after this fail to copy symlinks (used for impl crypto tests)
This should be fixed in a future version of the maven-resources-plugin (MRESOURCES-269), but should be pinned anyway
 2023-03-21 09:39:24 -04:00
Mats Rydberg b36ef87507
Bump jackson dependency to latest (#750) 
This is important to get the latest security fixes from jackson.
Users of jjwt-jackson have to exclude and manually upgrade this dependency otherwise.
 2022-11-30 16:17:37 -08:00
Les Hazlewood 8318287284
Upgrading Jackson dependency due to CVE-2022-42003 (#760) 2022-11-08 12:31:55 -08:00
Brian Demers a858153518
Adds new convenience module using the old package name (#629) 
* Adds new connivence module, in place of the old io.jsonwebtoken:jjwt module

Some folks are unaware of newer JJWT versions because they are still using the old io.jsonwebtoken:jjwt module. This makes automatic version updates tools "just work" for them

NOTE: This new module is _basically_ an empty jar, that adds `jjwt-api` (compile scope), `jjwt-impl` (runtime scope), and `jjwt-jackson` (runtime scope) transitive dependencies.

* Minor cleanup before changing `all` directory name

* Renamed `all` to `tdjar` (transitive dependency jar)

Co-authored-by: Les Hazlewood <121180+lhazlewood@users.noreply.github.com>
 2022-06-11 15:53:17 -07:00
Les Hazlewood eb20914fa7
0.11.5 release (#735) 
* Changed README references from 0.11.4 to 0.11.5
* [maven-release-plugin] prepare release 0.11.5
* [maven-release-plugin] prepare for next development iteration
 2022-04-28 12:24:56 -04:00
Les Hazlewood 9c0ea0d0eb
Prep for 0.11.4 release (#732) 
- Updated README.md version numbers to reflect the 0.11.4 release
- Added 0.11.4 release/changelog notes to CHANGELOG.md
 2022-04-26 19:16:04 -04:00
Les Hazlewood f32b350633
3rd party version upgrades where feasible (#730) 2022-04-26 17:17:09 -04:00
Les Hazlewood 451c8d44dd
Clean build on all available JDK versions (#729) 
- POM and JavaDoc updates to get a clean (warning free) build, remove duplicates, etc
- Ensured CI uses the release build profile (i.e. 'ossrh') to ensure we can execute all things necessary for a release.  This will not deploy to ossrh however, as we do that manually during a release per https://github.com/jwtk/jjwt/wiki#release-instructions
- Fixing JavaDoc lint errors surfacing on JDK 14
- Enable html5 for JavaDoc on JDK >= 9
- Used version properties and Maven profiles to allow the japicmp-maven-plugin to work with JDK 7 through 18
- Minor CI job name fixes, added additional zulu JDK versions
- Fixed build to run on all JDKs, from 7 to 18 inclusive
 2022-04-25 21:51:28 -04:00
Les Hazlewood b78473262d
0.11.3 to master (#728) 
Merged 0.11.3 patch release into mainline development branch
 2022-04-23 17:32:28 -04:00
Brian Demers 4b3e2c9315 Update Jackson Databind to 2.12.6.1 
Fixes: #716
Fixes: #614
 2022-04-18 13:38:09 -04:00
snyk-bot 20b04372d2 fix: upgrade com.google.code.gson:gson from 2.8.8 to 2.8.9 
Snyk has created this PR to upgrade com.google.code.gson:gson from 2.8.8 to 2.8.9.

See this package in Maven Repository:
https://mvnrepository.com/artifact/com.google.code.gson/gson/

See this project in Snyk:
https://app.snyk.io/org/micah.silverman/project/cb87a9f4-731e-4a75-a25d-ca3272fdd00b?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-02-28 18:05:54 -05:00
snyk-bot 82189f8418 fix: pom.xml to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698
 2022-01-31 16:25:40 -05:00
dependabot[bot] 2fb6d6bb9c Bump bcprov-jdk15on from 1.60 to 1.67 
Bumps [bcprov-jdk15on](https://github.com/bcgit/bc-java) from 1.60 to 1.67.
- [Release notes](https://github.com/bcgit/bc-java/releases)
- [Changelog](https://github.com/bcgit/bc-java/blob/master/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcprov-jdk15on
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-11-24 12:36:39 -05:00
Snyk bot 3e6c9e978c
fix: upgrade com.google.code.gson:gson from 2.8.5 to 2.8.8 (#684) 
Snyk has created this PR to upgrade com.google.code.gson:gson from 2.8.5 to 2.8.8.

See this package in Maven Repository:
https://mvnrepository.com/artifact/com.google.code.gson/gson/

See this project in Snyk:
https://app.snyk.io/org/dogeared/project/76cafdc8-8c18-4705-9786-9703c2e293c9?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-10-11 13:13:39 -04:00
Snyk bot 878d836347
fix: upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.7 to 2.12.5 (#683) 
Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.7 to 2.12.5.

See this package in Maven Repository:
https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind/

See this project in Snyk:
https://app.snyk.io/org/dogeared/project/d56a851a-c55c-475b-bff7-40745a085073?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-10-11 13:13:16 -04:00
Brian Demers 1118726d04 Update fork of coverall-maven-plugin fork 
NOTE: This fork supports Clover for test coverage
 2021-07-09 13:23:41 -04:00
dependabot[bot] 8ed4ab407e Bump jackson-databind from 2.9.10.5 to 2.9.10.7 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.5 to 2.9.10.7.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-02-19 10:11:08 -05:00
dependabot[bot] 71ed1b67aa Bump junit from 4.12 to 4.13.1 
Bumps [junit](https://github.com/junit-team/junit4) from 4.12 to 4.13.1.
- [Release notes](https://github.com/junit-team/junit4/releases)
- [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.12.md)
- [Commits](https://github.com/junit-team/junit4/compare/r4.12...r4.13.1)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-13 14:48:06 -04:00
Brian Demers dc120e8c54 Correcting dependabot version bump of Jackson to 2.9.10.5 2020-07-09 16:04:45 -04:00
dependabot[bot] 6f2c0c37aa Bump jackson-databind from 2.9.10.4 to 2.10.0.pr1 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.4 to 2.10.0.pr1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-07-09 16:04:45 -04:00
Les Hazlewood 14b2f19b29 [maven-release-plugin] prepare for next development iteration 2020-06-11 15:50:09 -04:00
Les Hazlewood 274749373f [maven-release-plugin] prepare release 0.11.2 2020-06-11 15:50:00 -04:00
Les Hazlewood 26527bd43c Updated the pom snapshot versions to prepare for the upcoming 0.11.2 release 2020-06-11 14:16:29 -04:00
Johannes Ballmann 82b870e283
Add support for jdk14 (#590) 2020-06-08 14:00:59 -04:00
dependabot[bot] 972591f87f
Bump jackson-databind from 2.9.10.3 to 2.9.10.4 (#587) 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.3 to 2.9.10.4.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-04-24 16:06:43 -04:00
Les Hazlewood 5616ba769a [maven-release-plugin] prepare for next development iteration 2020-03-12 16:59:12 -04:00
Les Hazlewood c09deaa5f3 [maven-release-plugin] prepare release 0.11.1 2020-03-12 16:59:05 -04:00
Les Hazlewood c563365b97 Prepping for the 0.11.0 --> 0.11.1 release 2020-03-12 16:56:17 -04:00
dependabot[bot] 0fd59efc93 Bump jackson-databind from 2.9.10.1 to 2.9.10.3 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10.1 to 2.9.10.3.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-03-05 10:09:47 -05:00
Les Hazlewood 23743f5a59 [maven-release-plugin] prepare for next development iteration 2020-02-05 12:29:05 -08:00
Les Hazlewood 3cd48fade7 [maven-release-plugin] prepare release 0.11.0 2020-02-05 12:28:58 -08:00
Les Hazlewood 950e6fbcc7
cherry-pick 4821395c06b0786e19b1a3153be65f39a2a524d9: Ensured SignatureAlgorithm `PS256`, `PS384`, and `PS512` worked properly on JDK 11 and later without requiring BouncyCastle. (#555) 2020-02-04 00:10:39 -08:00
dependabot[bot] eadf0ce4fc Bump jackson-databind from 2.9.10 to 2.9.10.1 (#532) 
Bumps [jackson-databind](https://github.com/FasterXML/jackson) from 2.9.10 to 2.9.10.1.
- [Release notes](https://github.com/FasterXML/jackson/releases)
- [Commits](https://github.com/FasterXML/jackson/commits)

Signed-off-by: dependabot[bot] <support@github.com>
 2019-11-13 09:33:35 +01:00
Christian Schneider bf7e300d6b Remove extensions true, move jar plugin near bundle-plugin to show th… (#514) 
* Remove extensions true, move jar plugin near bundle-plugin to show their configs are related

* Reverted to original version to make sure it still works on jdk7
 2019-10-09 11:15:30 -04:00
Brian Demers ebdb4426f6
Update version to 0.11.0-SNAPSHOT (#506) 
via: `mvn versions:set -DnewVersion=0.11.0-SNAPSHOT -DgenerateBackupPoms=false`
 2019-10-03 12:09:48 -04:00
Brian Demers a0060d60f9
Fix duplicate japicmp plugin definition in root pom (#504) 
Merge japicmp plugin definitions - caused by a merge
 2019-09-30 14:59:21 -04:00
Brian Demers 6e74be0b8d
Fix split package issue in extensions/jackson and extensions/orgjson (#488) 
* Fix split package issue in extensions/jackson and extensions/orgjson

This moves the implementation specific classes:
- `io.jsonwebtoken.io.Jackson*` to `io.jsonwebtoken.jackson.io.Jackson*`
- `io.jsonwebtoken.io.OrgJson*` to `io.jsonwebtoken.orgjson.io.OrgJson*`

* Add Backwards Compatibility Warning to CHANGELOG
* Add `jjwt-jackson:deprecated` and `jjwt-orgjson:deprecated` modules to retain backward-compatible versions of the Jackson and OrgJson Serializers (this is built with the shade plugin and binary compatibility validated with japicmp)

Fixes: #399
 2019-09-27 17:11:19 -04:00
Christian Schneider b5958202c0 Reenable using the manifest from maven-bundle-plugin run (#503) 
* Reenable using the manifest from maven-bundle-plugin run

* Also enable manifest changes again

* Remove import tweaks. Add optional bnd.bnd config
 2019-09-27 13:52:45 -04:00
Brian Demers c246385be1
Updating to jackson-databind 2.9.10 (#498) 2019-09-25 14:28:34 -04:00
Brian Demers b327aeab7e Add support for testing with JDK11 
There were a couple issues preventing running the build with Java 11
- A groovy bug - fixed with a version bump https://issues.apache.org/jira/browse/GROOVY-8727
- The ASM version that is embedded in easymock does NOT support Java 11 classes - worked around by stubbing out those usages instead
- javadoc modules issue - fixed by setting the Javadoc source version to 1.7
 2019-09-24 18:57:06 -04:00
Brian Demers 5339faf87f
Add license-maven-plugin to mange headers 
and apply missing headers

usage:
# validate license headers exist
mvn license:check

# apply headers (to files without headers)
mvn license:format
 2019-09-17 16:19:07 -04:00
Brian Demers 718f357c58 Upgrade Jackson Databind 2.9.9.3 
Fixes: #484
 2019-09-12 17:45:36 -04:00
patton73 2bb8e4d02e Fixes for reviews. Hope i did not forget something. 2019-07-17 22:46:18 +02:00
Andrea Paternesi bb1fb76ce9 last fix to the pom? 2019-07-16 17:00:20 +02:00
Andrea Paternesi 262c527674 Fix locator paths and added tests. 2019-07-16 16:19:23 +02:00
Les Hazlewood caa7b0e942 [maven-release-plugin] prepare for next development iteration 2019-07-11 20:12:25 -04:00
Les Hazlewood b292b891ca [maven-release-plugin] prepare release 0.10.7 2019-07-11 20:12:20 -04:00
Les Hazlewood 4ae8f6d9c9 Issue 461: upgraded Jackson version to 2.9.9.1. Fixes #461. 2019-07-11 16:05:52 -04:00
Les Hazlewood 70e6845b82 Ensure version is 0.10.7-SNAPSHOT to prep for the next release. 2019-03-10 11:59:31 -04:00