[ https://issues.apache.org/jira/browse/JAMES-3686?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17460500#comment-17460500 ]
René Cordier commented on JAMES-3686: ------------------------------------- [https://github.com/apache/james-project/pull/797] has fixed this and been merged > Upgrade JWT's lib version > -------------------------- > > Key: JAMES-3686 > URL: https://issues.apache.org/jira/browse/JAMES-3686 > Project: James Server > Issue Type: Improvement > Reporter: Tung TRAN > Priority: Major > Time Spent: 0.5h > Remaining Estimate: 0h > > *Why* > A long time since the last JJWT's lib version that we use (0.9.1 release from > 2018). > 3 years old for a crypto lib is not glop. > Current: > {code:java} > <dependency> > <groupId>io.jsonwebtoken</groupId> > <artifactId>jjwt</artifactId> > <version>0.9.1</version> > </dependency>{code} > *How* > Use the new version: [https://github.com/jwtk/jjwt] > {code:java} > <dependency> > <groupId>io.jsonwebtoken</groupId> > <artifactId>jjwt-api</artifactId> > <version>0.11.2</version> > </dependency> > <dependency> > <groupId>io.jsonwebtoken</groupId> > <artifactId>jjwt-impl</artifactId> > <version>0.11.2</version> > <scope>runtime</scope> > </dependency> > <dependency> > <groupId>io.jsonwebtoken</groupId> > <artifactId>jjwt-jackson</artifactId> > <version>0.11.2</version> > <scope>runtime</scope> > </dependency>{code} -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org For additional commands, e-mail: server-dev-h...@james.apache.org