Skip to content

nimbus-jose-jwt must be updated when oauth2-oidc-sdk is updated to ensure consistency #14047

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
marcusdacoregio opened this issue Oct 24, 2023 · 0 comments
Closed

nimbus-jose-jwt must be updated when oauth2-oidc-sdk is updated to ensure consistency #14047

marcusdacoregio opened this issue Oct 24, 2023 · 0 comments
Assignees
@marcusdacoregio
Labels
type: task A general task
Milestone
5.8.9

Comments

@marcusdacoregio
Copy link
Contributor

Since the updateDependencies plugin has been removed, we do not have a way to make sure that com.nimbusds:nimbus-jose-jwt is aligned with the transitive version that is used by com.nimbusds:oauth2-oidc-sdk.

It seems that Dependabot does not support such an arrangement. One idea is to consider a custom Gradle task that makes that check for us and does not allow the build to pass if the versions do not match.
@marcusdacoregio marcusdacoregio added in: build An issue in the build type: task A general task labels Oct 24, 2023
@marcusdacoregio marcusdacoregio self-assigned this Oct 24, 2023
marcusdacoregio added a commit to marcusdacoregio/spring-security that referenced this issue Oct 25, 2023
@marcusdacoregio
Fail build if nimbus-jose-jwt version is not aligned
7b87104 
Closes spring-projectsgh-14047
@marcusdacoregio marcusdacoregio removed the in: build An issue in the build label Oct 25, 2023
@marcusdacoregio marcusdacoregio added this to the 5.8.9 milestone Oct 25, 2023
@marcusdacoregio marcusdacoregio mentioned this issue Oct 25, 2023
Closed
marcusdacoregio added a commit that referenced this issue Oct 27, 2023
@marcusdacoregio
Polish VerifyDependenciesVersionsPlugin
6654479 
Issue gh-14047
marcusdacoregio added a commit that referenced this issue Oct 30, 2023
@marcusdacoregio
Fix verifyDependenciesVersions not working with s101
47969ec 
Issue gh-14047
marcusdacoregio added a commit that referenced this issue Oct 30, 2023
@marcusdacoregio
Use lenient configuration to resolve artifacts
884014c 
Issue gh-14047
marcusdacoregio added a commit that referenced this issue Oct 30, 2023
@marcusdacoregio
Use lenient configuration for prohibited dependencies check
602d418 
Issue gh-14047
marcusdacoregio added a commit that referenced this issue Oct 30, 2023
@marcusdacoregio
Resolve versions without downloading dependencies
e8ec49b 
Issue gh-14047
marcusdacoregio added a commit that referenced this issue Oct 30, 2023
@marcusdacoregio
Use version catalog to resolve nimbus dependency versions
3f64c6d 
Issue gh-14047
@marcusdacoregio marcusdacoregio mentioned this issue Oct 31, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marcusdacoregio marcusdacoregio

Labels
type: task A general task
Projects
None yet
Milestone
5.8.9
Development

No branches or pull requests
1 participant
@marcusdacoregio