This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-java.git
The following commit(s) were added to refs/heads/main by this push:
new 96339f6c2 MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.37.1 to
11.37.2 (#1164)
96339f6c2 is described below
commit 96339f6c2f35c3e6676e62fded200c0934f9d8d3
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Wed May 27 11:22:01 2026 +0200
MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.37.1 to 11.37.2 (#1164)
Bumps
[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)
from 11.37.1 to 11.37.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt";>com.nimbusds:oauth2-oidc-sdk's
changelog</a>.</em></p>
<blockquote>
<p>version 1.0 (2012-05-29)
* First official release with authorisation endpoint, token endpoint,
check
ID endpoint and UserInfo endpoint support.
* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.
* Language Tags (RFC 5646) support through the Nimbus-LangTag library.
* JSON support through the JSON Smart library.</p>
<p>version 2.0 (2013-05-13)
* Intermediary development release with Maven build, published to
Maven Central.</p>
<p>version 2.1 (2013-06-06)
* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect
Standard draft 21, OpenID Connect Discovery draft 17 and OpenID
Connect Registration draft 19.
* Major refactoring of the APIs for greater simplicity.
* Adds JUnit tests.</p>
<p>version 2.2 (2013-06-18)
* Refactors dynamic OpenID Connect client registration.
* Adds partial support of the OAuth 2.0 Dynamic Client Registration
Protocol (draft-ietf-oauth-dyn-reg-12).
* Optimises parsing of request parameters consisting of one or more
tokens (scope, response type, etc).</p>
<p>version 2.3 (2013-06-19)
* Renames OAuth 2.0 dynamic client registration package.
* Adds ClientInformation.getClientMetadata() method.
* Adds OIDCClientInformation class.</p>
<p>version 2.4 (2013-06-20)
* Adds static OIDCClientInformation.parse(JSONObject) method.</p>
<p>version 2.5 (2013-06-22)
* Adds support OAuth 2.0 dynamic client update.
* Adds OpenID Connect dynamic client registration classes.</p>
<p>version 2.6 (2013-06-25)
* Enforces order of preference of ACR values in OpenID Connect client
metadata, as required by the specification.
* Documentation and performance improvements.</p>
<p>version 2.7 (2013-06-26)
* Switches Identifier generation to java.security.SecureRandom.</p>
<p>version 2.8 (2013-06-30)
* Fixes serialisation and assignment bugs in ClientMetadata.
* Switches Secret generation to java.security.SecureRandom.</p>
<p>version 2.9 (2013-09-17)</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/fedf633e67229b69f5f5ca378a588eca8ce7d117";><code>fedf633</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/29b77a0d34b72768194e8e2a53c0f56916bbee86";><code>29b77a0</code></a>
Updates to JSON Smart 2.6.0</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/6e53206950bcbf0c8e5f9ad7b6fe6f3081803f86";><code>6e53206</code></a>
[maven-release-plugin] prepare release 11.37.2</li>
<li>See full diff in <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.37.2..11.37.1";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
flight/flight-sql-jdbc-core/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/flight/flight-sql-jdbc-core/pom.xml
b/flight/flight-sql-jdbc-core/pom.xml
index 96a11f2b9..3741ee083 100644
--- a/flight/flight-sql-jdbc-core/pom.xml
+++ b/flight/flight-sql-jdbc-core/pom.xml
@@ -182,7 +182,7 @@ under the License.
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
- <version>11.37.1</version>
+ <version>11.37.2</version>
</dependency>
</dependencies>
