search

xdev-software / bzst-dip-java-client

Java client library for the BZST - DIP (Bundeszentralamt für Steuern - Digitaler Posteingang)
Apache License 2.0
5 stars 2 forks source link

Update jjwt.version to v0.12.6 #47

Closed xdev-renovate closed 2 months ago

xdev-renovate commented 2 months ago

This PR contains the following updates:

Package Type Update Change
io.jsonwebtoken:jjwt-jackson runtime patch 0.12.5 -> 0.12.6
io.jsonwebtoken:jjwt-impl runtime patch 0.12.5 -> 0.12.6
io.jsonwebtoken:jjwt-api compile patch 0.12.5 -> 0.12.6

Release Notes

jwtk/jjwt (io.jsonwebtoken:jjwt-jackson) ### [`v0.12.6`](https://togithub.com/jwtk/jjwt/blob/HEAD/CHANGELOG.md#0126) [Compare Source](https://togithub.com/jwtk/jjwt/compare/0.12.5...0.12.6) This patch release: - Ensures that after successful JWS signature verification, an application-configured Base64Url `Decoder` output is used to construct a `Jws` instance (instead of JJWT's default decoder). See [Issue 947](https://togithub.com/jwtk/jjwt/issues/947). - Fixes a decompression memory leak in concurrent/multi-threaded environments introduced in 0.12.0 when decompressing JWTs with a `zip` header of `GZIP`. See [Issue 949](https://togithub.com/jwtk/jjwt/issues/949). - Upgrades BouncyCastle to 1.78 via [PR 941](https://togithub.com/jwtk/jjwt/pull/941).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

This PR has been generated by Renovate Bot.