jwtk / jjwt

Java JWT: JSON Web Token for Java and Android
Apache License 2.0

Prepare a 0.6.1 release? ECDSA doesn't work in 0.6.0, but is fixed on master #151

Closed by sagacity 8 years ago

sagacity commented 8 years ago

We are currently trying to use jjwt to validate ES512 tokens, but this doesn't work correctly in version 0.6.0 of jjwt. It does work correctly due to the various ECDSA fixes that have happened in the last few months.

Would it be possible to backport these fixes to a 0.6.1 release?

aadrian commented 8 years ago

Any chance of getting a new release?

lhazlewood commented 8 years ago

I'll see if I can get one out this weekend. It might not happen however if the implementation changes that made this work are closely related to the SignatureAlgorithm API changes for 0.7. I can't remember off the top of my head if that is the case. Now that most of us are back from vacation, I think a 0.6.1 or 0.7.0 aren't that far away though!

lhazlewood commented 8 years ago

Just curious - did you try an <exclusion> directive in your maven pom (or gradle equivalent) to explicitly exclude the JJWT jackson version?

We don't do anything 'special' with Jackson other than just invoking the object mapper, so I'd be surprised if this didn't work (but not saying it will ;) ).

lhazlewood commented 8 years ago

Due to various changes, it will be easier to do this as 0.7 so we'll focus on that. We should have a release out shortly. We need to solve #163 first though.