Bump com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.40

[dependabot[bot]]

Bumps com.nimbusds:nimbus-jose-jwt from 9.39.1 to 9.40.

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

version 1.0 (2012-03-01)

• First version based on the OpenInfoCard JWT, JWS and JWE code base.

version 1.1 (2012-03-06)

• Introduces type-safe enumeration of the JSON Web Algorithms (JWA).
• Refactors the JWT class.

version 1.2 (2012-03-08)

• Moves JWS and JWE code into separate classes.

version 1.3 (2012-03-09)

• Switches to Apache Commons Codec for Base64URL encoding and decoding
• Consolidates the crypto utilities within the package.
• Introduces a JWT content serialiser class.

version 1.4 (2012-03-09)

• Refactoring of JWT class and JUnit tests.

version 1.5 (2012-03-18)

• Switches to JSON Smart for JSON serialisation and parsing.
• Introduces claims set class with JSON objects, string, Base64URL and byte array views.

version 1.6 (2012-03-20)

• Creates class for representing, serialising and parsing JSON Web Keys (JWK).
• Introduces separate class for representing JWT headers.

version 1.7 (2012-04-01)

• Introduces separate classes for plain, JWS and JWE headers.
• Introduces separate classes for plain, signed and encrypted JWTs.
• Removes the JWTContent class.
• Removes password-based (PE820) encryption support.

version 1.8 (2012-04-03)

• Adds support for the ZIP JWE header parameter.
• Removes unsupported algorithms from the JWA enumeration.

version 1.9 (2012-04-03)

• Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod().

version 1.9.1 (2012-04-03)

• Upgrades JSON Smart JAR to 1.1.1.

version 1.10 (2012-04-14)

• Introduces serialize() method to base abstract JWT class.

version 1.11 (2012-05-13)

• JWT.serialize() throws checked JWTException instead of

... (truncated)

Commits

• 16d52cd [maven-release-plugin] prepare for next development iteration
• b530053 Fixes NPE in DefaultJWTClaimsVerifier.verify when checking an exact match cla...
• 63be304 Fixes version 9.39.2 date
• 97183e0 [maven-release-plugin] prepare release 9.39.2
• 2e444ed [maven-release-plugin] prepare for next development iteration
• 2652777 Bumps GSon to 2.11.0, addressing Number parsing performance issue (#546)
• 7dde635 Fixes JSONObjectUtilsTest.testParseFromStringEntity test, ParseException mess...
• 6d001d4 [maven-release-plugin] prepare release 9.39.3
• 493fc20 [maven-release-plugin] prepare for next development iteration
• 2c6d225 New JWTClaimsSet.Builder.serializeNullClaims(boolean) method, fixes JWTClaims...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[VolkerHartmann]

@dependabot merge