ExFirebaseAuth icon indicating copy to clipboard operation
ExFirebaseAuth copied to clipboard
verified publisher icon Nickforall

Bump jose from 1.11.2 to 1.11.5

Open dependabot[bot] opened this issue 3 years ago • 0 comments

Bumps jose from 1.11.2 to 1.11.5.

Release notes

Sourced from jose's releases.

1.11.5 (2022-12-16)

  • Fixes
    • Remove dependency on parse_transform for jose_base64 and jose_base64url.

1.11.4 (2022-12-15)

  • Enhancements
    • Add support for native crypto operations for Ed25519 and Ed448, thanks to @​brettbeatty; see #123.
    • Add support for native crypto operations for ChaCha20-Poly1305 and XChaCha20-Poly1305, when available.
    • Add support for libsodium operations for XChaCha20-Poly1305, when available.
    • Add support for thoas JSON encode/decode, thanks to @​michaelklishin; see #126.
    • Add support for ES256K which uses the secp256k1 curve and RS1 signatures (see 291dbb8).
    • Add support for ECDH-1PU JOSE.JWK.box_encrypt_ecdh_1pu and ECDH-ES JOSE.JWK.box_encrypt_ecdh_es and document the deprecated JOSE.JWK.box_encrypt.
    • Add support for ECDH-SS JOSE.JWK.box_encrypt_ecdh_ss.
    • Hide kty field when inspecting %JOSE.JWK{} strict, thanks to @​spencerdcarlson; see #139
  • Fixes
    • Version mismatch causing rebar3 to constantly try to update; see #122.
    • Fix Ed25519 and Ed448 key DER/PEM encode/decode for OTP 25.
    • Fix Ed25519ctx, Ed25519ph, Ed448, and Ed448ph when dealing with contexts so the implementation matches IETF RFC 8032.
    • Drop direct usage of crypto:hmac/4, thanks to @​thalesmg; see #136
    • Replace incorrect usage of -include_lib with -include, thanks to @​Richiban; see #140
    • Update the CI jobs so they actually run the Elixir tests, thanks to @​moogle19; see #137
    • Change the master branch to main.
Changelog

Sourced from jose's changelog.

1.11.5 (2022-12-16)

  • Fixes
    • Remove dependency on parse_transform for jose_base64 and jose_base64url.

1.11.4 (2022-12-15)

  • Enhancements
    • Add support for native crypto operations for Ed25519 and Ed448, thanks to @​brettbeatty; see #123.
    • Add support for native crypto operations for ChaCha20-Poly1305 and XChaCha20-Poly1305, when available.
    • Add support for libsodium operations for XChaCha20-Poly1305, when available.
    • Add support for thoas JSON encode/decode, thanks to @​michaelklishin; see #126.
    • Add support for ES256K which uses the secp256k1 curve and RS1 signatures (see 291dbb8).
    • Add support for ECDH-1PU JOSE.JWK.box_encrypt_ecdh_1pu and ECDH-ES JOSE.JWK.box_encrypt_ecdh_es and document the deprecated JOSE.JWK.box_encrypt.
    • Add support for ECDH-SS JOSE.JWK.box_encrypt_ecdh_ss.
    • Hide kty field when inspecting %JOSE.JWK{} strict, thanks to @​spencerdcarlson; see #139
  • Fixes
    • Version mismatch causing rebar3 to constantly try to update; see #122.
    • Fix Ed25519 and Ed448 key DER/PEM encode/decode for OTP 25.
    • Fix Ed25519ctx, Ed25519ph, Ed448, and Ed448ph when dealing with contexts so the implementation matches IETF RFC 8032.
    • Drop direct usage of crypto:hmac/4, thanks to @​thalesmg; see #136
    • Replace incorrect usage of -include_lib with -include, thanks to @​Richiban; see #140
    • Update the CI jobs so they actually run the Elixir tests, thanks to @​moogle19; see #137
    • Change the master branch to main.

1.11.3 (2022-08-28) - unreleased

  • This version was never actually released, but was referenced for a while on the master branch (see 43d3db4).
Commits
  • e0110a1 Version 1.11.5
  • 57ce00c Remove dependency on 'parse_transform' for 'jose_base64' and 'jose_base64url'
  • 5f2c32f Version 1.11.4
  • 58ea725 Bump versions of OTP and Elixir.
  • 9ef4d0e Merge pull request #137 from zahlz/ci
  • 44c76ad Merge branch 'zahlz-ci'
  • 771b31f Update CI job
  • 4dd5bc9 Merge pull request #136 from thalesmg/fix-drop-crypto-hmac4
  • 0571b87 Merge pull request #140 from Richiban/update-includes
  • 4af5a4a Merge pull request #139 from spencerdcarlson/main
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Dec 19 '22 04:12 dependabot[bot]