solven-eu / cleanthat

Github App opening automatically cleaning PR
64 stars 18 forks source link

Update dependency io.jsonwebtoken:jjwt-jackson to v0.12.6 - autoclosed #819

Closed renovate[bot] closed 4 months ago

renovate[bot] commented 4 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
io.jsonwebtoken:jjwt-jackson 0.12.5 -> 0.12.6 age adoption passing confidence

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

jwtk/jjwt (io.jsonwebtoken:jjwt-jackson) ### [`v0.12.6`](https://togithub.com/jwtk/jjwt/blob/HEAD/CHANGELOG.md#0126) [Compare Source](https://togithub.com/jwtk/jjwt/compare/0.12.5...0.12.6) This patch release: - Ensures that after successful JWS signature verification, an application-configured Base64Url `Decoder` output is used to construct a `Jws` instance (instead of JJWT's default decoder). See [Issue 947](https://togithub.com/jwtk/jjwt/issues/947). - Fixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a `zip` header of `GZIP`. See [Issue 949](https://togithub.com/jwtk/jjwt/issues/949). - Upgrades BouncyCastle to 1.78 via [PR 941](https://togithub.com/jwtk/jjwt/pull/941).

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.