mayankmetha / Rucky

A simple to use USB HID Rubber Ducky Launch Pad for Android.
https://mayankmetha.github.io/Rucky
GNU General Public License v3.0
548 stars 65 forks source link

Bump com.appmattus.certificatetransparency:certificatetransparency-android from 1.1.1 to 2.4.2 in /app #140

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps com.appmattus.certificatetransparency:certificatetransparency-android from 1.1.1 to 2.4.2.

Release notes

Sourced from com.appmattus.certificatetransparency:certificatetransparency-android's releases.

v2.4.2

Automatic release updating embedded log_list.json and log_list.sig

v2.4.1

Automatic release updating embedded log_list.json and log_list.sig

v2.4.0

⚠️ Breaking Changes

Dependency updates including:

Kotlin 1.8.20

v2.3.0

Fixes crash on Android 6 when retrieving host name using the certificates subject common name. See #87

v2.2.1

Automatic release updating embedded log_list.json and log_list.sig

v.2.2.0

  • Fixes to ASN.1 parser which was previously crashing for some certificates.
  • Fixes distinct operator rules to only need 2

v2.1.3

Automatic release updating embedded log_list.json and log_list.sig

v2.1.2

Automatic release updating embedded log_list.json and log_list.sig

v2.1.1

Automatic release updating embedded log_list.json and log_list.sig

v2.1.0

Bug fix to ensure the backup resources cache is actually used. Thanks to @​HylkeB for the original bug report and fix code.

v2.0.1

Automatic release updating embedded log_list.json and log_list.sig

v2.0.0

What's Changed

  • Library now uses the v3 schema for the Certificate Transparency log list. This has allowed caching to be re-worked and made more robust. A failover copy of the log list is now embedded in the library so is always available. The new schema also helps reduce the risk of replay attacks.
  • The certificate transparency policy has been updated to match the latest Chrome policy which generally requires fewer SCT entries.
  • BouncyCastle has been removed from the library which removes perceived security vulnerabilities in code within BC that we don't use.
  • While not generally recommended the library has been updated to allow installation of CT checks by multiple libraries using Java Security Providers. Specific guidance of this use case has been added for SDK developers.

⚠️ Breaking Changes

Dependency updates including:

Kotlin 1.8.10

... (truncated)

Commits
  • 2e0cc1d Auto update log_list.json and log_list.sig
  • 16ac2f6 Auto update log_list.json and log_list.sig
  • f885f3f Auto update log_list.json and log_list.sig
  • a1d4e92 Auto update log_list.json and log_list.sig
  • f0aaede Auto update log_list.json and log_list.sig
  • 2664201 Auto update log_list.json and log_list.sig
  • dcf614f Auto update log_list.json and log_list.sig
  • 02ba9ea Auto update log_list.json and log_list.sig
  • 9e397b2 Update to Kotlin 1.8.20 (#89)
  • 2fd7a02 Extract commonName from certificate using ASN.1 (#88)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #141.