adoroszlai commented on PR #10662:
URL: https://github.com/apache/ozone/pull/10662#issuecomment-4882568728

   ```
   10.4.1 (2025-08-05)
       * Adds "requires java.sql" to module com.nimbusds.jose.jwt (iss #595).
   
   10.4.2 (2025-08-14)
       * Updates GSon to 2.13.1.
       * Updates BouncyCastle to 1.81.
   
   10.5 (2025-09-05)
       * Support for specifying a ScheduledExecutorService instance in
         RefreshAheadCachingJWKSetSource and JWKSourceBuilder (iss #592).
   
   10.6 (2025-11-06)
       * Adds static CollectionUtils.containsNull(Set) method.
       * DefaultJWTClaimsVerifier accepted "aud" (audience) argument must be
         compatible with Set.of (iss #499).
       * The DefaultJWTClaimsVerifier must not include JWT claim values in
         BadJWTException messages (iss #605).
   
   10.7 (2026-01-08)
       * Adds MaxCompressedCipherTextLength that implements JWEDecrypterOption, 
to
         to configure the maximum allowed length of compressed cipher text.
       * Adds JWEObject.decrypt(JWEDecrypter, Set<JWEDecrypterOption>) method to
         support the MaxCompressedCipherTextLength option.
   
   10.8 (2026-02-19)
       * Adds a PasswordBasedDecrypter(byte[], Set<String>) constructor to 
specify
         names of the critical header parameters that are deferred to the
         application for processing. Aligns with other JWEDecrypter and
         CriticalHeaderParamsAware implementations (iss #610).
       * Fixes getDeferredCriticalHeaderParams() in AESDecrypter, 
DirectDecrypter,
         RSADecrypter, ECDHDecrypter, X25519Decrypter, ECDH1PUDecrypter,
         ECDH1PUX25519Decrypter, MultiDecrypter, MACVerifier, ECDSAVerifier and
         Ed25519Verifier. Must internally call
         critPolicy.getDeferredCriticalHeaderParams(), not
         critPolicy.getProcessedCriticalHeaderParams() (iss #612).
   
   10.9 (2026-04-02)
       * Adds X509CertUtils.computeSHA1Thumbprint(X509Certificate) method to
         compute the SHA-1 thumbprint of an X.509 certificate for the "x5t" 
(X.509
         certificate SHA-1 thumbprint) JWK and JOSE header parameter.
   
   10.9.1 (2026-05-31)
       * Fixes health status reporting when RefreshAheadCachingJWKSetSource,
         JWKSetSourceWithHealthStatusReporting and OutageTolerantJWKSetSource 
are
         used together. A failed refresh-ahead background update could 
previously
         cause JWKSetSourceWithHealthStatusReporting to mark the JWK set source 
as
         UNHEALTHY, even though OutageTolerantJWKSetSource was still within its
         configured outage tolerance window and regular JWT validation could
         continue using the cached JWK set. Refresh-ahead failures that are
         covered by outage tolerance no longer cause the health status to become
         unhealthy before the outage tolerance period has been exceeded (iss
         #619).
   ```
   
   
https://bitbucket.org/connect2id/nimbus-jose-jwt/raw/e055b3bf56bf379cf1ad0b804fe167cdd28ef445/CHANGELOG.txt


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to