Hi,

I’m looking at upgrading PDFBox from 3.0.3 to 3.0.4. I know that the bouncy 
castle jars (bcpkix-jdk18on, bcprov-jdk18on, bcutil-jdk18on) were optional 
dependencies, required only for public key encryption and signing (based on 
what I’m reading at 
https://pdfbox.apache.org/2.0/dependencies.html#public-key-encryption-and-signing).
 But in 3.0.4, the bouncy castle dependencies appear to be brought in as 
required dependencies from org.apache.pdfbox:pdfbox-debugger. Is that 
intentional?

Thank you!
--Dan Rabe

Reply via email to