dependabot[bot] opened a new pull request, #8515:
URL: https://github.com/apache/nifi/pull/8515
Bumps
[com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt)
from 9.33 to 9.37.2.
Changelog
Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt;>com.nimbusds:nimbus-jose-jwt's
changelog.
version 1.0 (2012-03-01)
First version based on the OpenInfoCard JWT, JWS and JWE code base.
version 1.1 (2012-03-06)
Introduces type-safe enumeration of the JSON Web Algorithms (JWA).
Refactors the JWT class.
version 1.2 (2012-03-08)
Moves JWS and JWE code into separate classes.
version 1.3 (2012-03-09)
Switches to Apache Commons Codec for Base64URL encoding and decoding
Consolidates the crypto utilities within the package.
Introduces a JWT content serialiser class.
version 1.4 (2012-03-09)
Refactoring of JWT class and JUnit tests.
version 1.5 (2012-03-18)
Switches to JSON Smart for JSON serialisation and parsing.
Introduces claims set class with JSON objects, string, Base64URL and
byte array views.
version 1.6 (2012-03-20)
Creates class for representing, serialising and parsing JSON Web Keys
(JWK).
Introduces separate class for representing JWT headers.
version 1.7 (2012-04-01)
Introduces separate classes for plain, JWS and JWE headers.
Introduces separate classes for plain, signed and encrypted JWTs.
Removes the JWTContent class.
Removes password-based (PE820) encryption support.
version 1.8 (2012-04-03)
Adds support for the ZIP JWE header parameter.
Removes unsupported algorithms from the JWA enumeration.
version 1.9 (2012-04-03)
Renames JWEHeader.{get|set}EncryptionAlgorithm() to
JWEHeader.{get|set}EncryptionMethod().
version 1.9.1 (2012-04-03)
Upgrades JSON Smart JAR to 1.1.1.
version 1.10 (2012-04-14)
Introduces serialize() method to base abstract JWT class.
version 1.11 (2012-05-13)
JWT.serialize() throws checked JWTException instead of
... (truncated)
Commits
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/9a277ea957884bbd4388c1611b56ad618c51f976;>9a277ea
[maven-release-plugin] prepare for next development iteration
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/c695b11a3e3fdaa73058e84cb305595de6720be5;>c695b11
Fixes the MACSigner.sign method for SecretKey instances that don't expose
the...
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/45f15d1e2733502face534f914908c382888bc6b;>45f15d1
Updates the MACVerifier to support SecretKey instances don't expose the key
m...
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/e965e9603d239d037512449bc8ad850cf2fdf6b7;>e965e96
[maven-release-plugin] prepare release 9.34
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/8d67f6c3fdf6af4ed4473b4a81968328bbe08726;>8d67f6c
[maven-release-plugin] prepare for next development iteration
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/f64e094030ab82659dbfaea8c489cc56291539cf;>f64e094
Makes the abstract class BaseJWEProvider public (iss https://bitbucket.org/connect2id/nimbus-jose-jwt/issues/521;>#521)
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ad6fed330a6bc5dbcb343aafd085ffd0d15c07d7;>ad6fed3
[maven-release-plugin] prepare release 9.35
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/81c7f24cc8a49f0f87c530e50d750bb1db22b4a8;>81c7f24
[maven-release-plugin] prepare for next development iteration
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/24aaaf02edf5d1ae4cc449b3d81a9151f26953dc;>24aaaf0
Bumps jacoco-maven-plugin to 0.8.10
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/ff01cd912fe53ee2946170781fe243564920be94;>ff01cd9
Adds new JWKSet.filter method
Additional commits viewable in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.2..9.33;>compare
view
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt=maven=9.33=9.37.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
-