search

maartenvanvliet / certbot

Provide certificates for your Phoenix or Plug app using Letsencrypt
https://hexdocs.pm/certbot
MIT License
14 stars 2 forks source link

Bump jose from 1.11.0 to 1.11.5 #95

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps jose from 1.11.0 to 1.11.5.

Release notes

Sourced from jose's releases.

1.11.5 (2022-12-16)

  • Fixes
    • Remove dependency on parse_transform for jose_base64 and jose_base64url.

1.11.4 (2022-12-15)

  • Enhancements
    • Add support for native crypto operations for Ed25519 and Ed448, thanks to @​brettbeatty; see #123.
    • Add support for native crypto operations for ChaCha20-Poly1305 and XChaCha20-Poly1305, when available.
    • Add support for libsodium operations for XChaCha20-Poly1305, when available.
    • Add support for thoas JSON encode/decode, thanks to @​michaelklishin; see #126.
    • Add support for ES256K which uses the secp256k1 curve and RS1 signatures (see 291dbb8).
    • Add support for ECDH-1PU JOSE.JWK.box_encrypt_ecdh_1pu and ECDH-ES JOSE.JWK.box_encrypt_ecdh_es and document the deprecated JOSE.JWK.box_encrypt.
    • Add support for ECDH-SS JOSE.JWK.box_encrypt_ecdh_ss.
    • Hide kty field when inspecting %JOSE.JWK{} strict, thanks to @​spencerdcarlson; see #139
  • Fixes
    • Version mismatch causing rebar3 to constantly try to update; see #122.
    • Fix Ed25519 and Ed448 key DER/PEM encode/decode for OTP 25.
    • Fix Ed25519ctx, Ed25519ph, Ed448, and Ed448ph when dealing with contexts so the implementation matches IETF RFC 8032.
    • Drop direct usage of crypto:hmac/4, thanks to @​thalesmg; see #136
    • Replace incorrect usage of -include_lib with -include, thanks to @​Richiban; see #140
    • Update the CI jobs so they actually run the Elixir tests, thanks to @​moogle19; see #137
    • Change the master branch to main.
Changelog

Sourced from jose's changelog.

1.11.5 (2022-12-16)

  • Fixes
    • Remove dependency on parse_transform for jose_base64 and jose_base64url.

1.11.4 (2022-12-15)

  • Enhancements
    • Add support for native crypto operations for Ed25519 and Ed448, thanks to @​brettbeatty; see #123.
    • Add support for native crypto operations for ChaCha20-Poly1305 and XChaCha20-Poly1305, when available.
    • Add support for libsodium operations for XChaCha20-Poly1305, when available.
    • Add support for thoas JSON encode/decode, thanks to @​michaelklishin; see #126.
    • Add support for ES256K which uses the secp256k1 curve and RS1 signatures (see 291dbb8).
    • Add support for ECDH-1PU JOSE.JWK.box_encrypt_ecdh_1pu and ECDH-ES JOSE.JWK.box_encrypt_ecdh_es and document the deprecated JOSE.JWK.box_encrypt.
    • Add support for ECDH-SS JOSE.JWK.box_encrypt_ecdh_ss.
    • Hide kty field when inspecting %JOSE.JWK{} strict, thanks to @​spencerdcarlson; see #139
  • Fixes
    • Version mismatch causing rebar3 to constantly try to update; see #122.
    • Fix Ed25519 and Ed448 key DER/PEM encode/decode for OTP 25.
    • Fix Ed25519ctx, Ed25519ph, Ed448, and Ed448ph when dealing with contexts so the implementation matches IETF RFC 8032.
    • Drop direct usage of crypto:hmac/4, thanks to @​thalesmg; see #136
    • Replace incorrect usage of -include_lib with -include, thanks to @​Richiban; see #140
    • Update the CI jobs so they actually run the Elixir tests, thanks to @​moogle19; see #137
    • Change the master branch to main.

1.11.3 (2022-08-28) - unreleased

  • This version was never actually released, but was referenced for a while on the master branch (see 43d3db4).

1.11.2 (2021-08-06)

  • Fixes
    • Add compatability with OTP 24

1.11.1 (2020-12-23)

  • Fixes
    • Fix compatibility with older OTP versions
    • Fix AES detection on OTP 23
    • Fix AES GCM bugs on OTP 23
Commits
  • e0110a1 Version 1.11.5
  • 57ce00c Remove dependency on 'parse_transform' for 'jose_base64' and 'jose_base64url'
  • 5f2c32f Version 1.11.4
  • 58ea725 Bump versions of OTP and Elixir.
  • 9ef4d0e Merge pull request #137 from zahlz/ci
  • 44c76ad Merge branch 'zahlz-ci'
  • 771b31f Update CI job
  • 4dd5bc9 Merge pull request #136 from thalesmg/fix-drop-crypto-hmac4
  • 0571b87 Merge pull request #140 from Richiban/update-includes
  • 4af5a4a Merge pull request #139 from spencerdcarlson/main
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)