web-push-libs / webpush-java

Web Push library for Java
MIT License

please release new version with safe dependencies #200

Open teicher opened 1 year ago

teicher commented 1 year ago

Hello, the current GA 5.1.1 pulls in org.asynchttpclient:async-http-client:2.10.4 which in turn pulls in a whole truckload of CVEs in nearly all io.netty components. build.gradle on master has already been updated to 2.12.3 so this should be built as a new version and made available on mvncentral. Many Thanks!

(CVE scanner: https://jeremylong.github.io/DependencyCheck/dependency-check-maven/ )

morki commented 1 year ago

I was stuck with this (and the BouncyCastle dependency), so I wrote another open source library for web push notifications for the JVM without external dependencies except the standard library:

https://github.com/interaso/webpush

You can give it a try.