dependabot[bot] opened a new pull request, #13334:
URL: https://github.com/apache/pinot/pull/13334
Bumps
[com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt)
from 9.39.3 to 9.40.
Changelog
Sourced from https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt";>com.nimbusds:nimbus-jose-jwt's
changelog.
version 1.0 (2012-03-01)
First version based on the OpenInfoCard JWT, JWS and JWE code base.
version 1.1 (2012-03-06)
Introduces type-safe enumeration of the JSON Web Algorithms (JWA).
Refactors the JWT class.
version 1.2 (2012-03-08)
Moves JWS and JWE code into separate classes.
version 1.3 (2012-03-09)
Switches to Apache Commons Codec for Base64URL encoding and decoding
Consolidates the crypto utilities within the package.
Introduces a JWT content serialiser class.
version 1.4 (2012-03-09)
Refactoring of JWT class and JUnit tests.
version 1.5 (2012-03-18)
Switches to JSON Smart for JSON serialisation and parsing.
Introduces claims set class with JSON objects, string, Base64URL and
byte array views.
version 1.6 (2012-03-20)
Creates class for representing, serialising and parsing JSON Web Keys
(JWK).
Introduces separate class for representing JWT headers.
version 1.7 (2012-04-01)
Introduces separate classes for plain, JWS and JWE headers.
Introduces separate classes for plain, signed and encrypted JWTs.
Removes the JWTContent class.
Removes password-based (PE820) encryption support.
version 1.8 (2012-04-03)
Adds support for the ZIP JWE header parameter.
Removes unsupported algorithms from the JWA enumeration.
version 1.9 (2012-04-03)
Renames JWEHeader.{get|set}EncryptionAlgorithm() to
JWEHeader.{get|set}EncryptionMethod().
version 1.9.1 (2012-04-03)
Upgrades JSON Smart JAR to 1.1.1.
version 1.10 (2012-04-14)
Introduces serialize() method to base abstract JWT class.
version 1.11 (2012-05-13)
JWT.serialize() throws checked JWTException instead of
... (truncated)
Commits
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/493fc200e4df03dc8fb1272baa27471affb52119";>493fc20
[maven-release-plugin] prepare for next development iteration
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2c6d225d80e335220cb51ffb64bc853bf4672640";>2c6d225
New JWTClaimsSet.Builder.serializeNullClaims(boolean) method, fixes
JWTClaims...
https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2af7c016f8c6a6295a75e93a460e6ff57a579cad";>2af7c01
[maven-release-plugin] prepare release 9.40
See full diff in https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.40..9.39.3";>compare
view
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt&package-manager=maven&previous-version=9.39.3&new-version=9.40)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI
passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it.
You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of
the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to