Merge branch 'release/5.0.5'

.github/workflows/build.yaml

@@ -7,17 +7,43 @@ on:
       - support/4.6
   pull_request:
 
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+
 permissions:
   checks: write
 
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+      - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
+        with:
+          disable-sudo: true
+          egress-policy: block
+          allowed-endpoints: >
+            api.adoptopenjdk.net:443
+            api.github.com:443
+            auth.docker.io:443
+            codecov.io:443
+            docker.io:443
+            downloads.gradle-dn.com:443
+            downloads.gradle.org:443
+            github.com:443
+            jcenter.bintray.com:443
+            objects.githubusercontent.com:443
+            plugins.gradle.org:443
+            plugins-artifacts.gradle.org:443
+            production.cloudflare.docker.com:443
+            registry-1.docker.io:443
+            repo.maven.apache.org:443
+            services.gradle.org:443
+            uploader.codecov.io:443
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
         with:
           lfs: true
-      - uses: actions/setup-java@3f07048e3d294f56e9b90ac5ea2c6f74e9ad0f98 # v3.10.0
+      - uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
         with:
           distribution: 'adopt'
           java-version: '17'
@@ -30,7 +56,7 @@ jobs:
       - uses: supercharge/redis-github-action@f63fe516254d0af5df91755a4488274c2e71e38c # v1.5.0
       - uses: gradle/wrapper-validation-action@8d49e559aae34d3e0eb16cde532684bc9702762b # v1.0.6
       - run: ./gradlew --no-daemon check publishToMavenLocal
-      - uses: codecov/codecov-action@d9f34f8cd5cb3b3eb79b3e4b5dae3a16df499a70 # v3.1.1
+      - uses: codecov/codecov-action@894ff025c7b54547a9a2a1e9f228beae737ad3c2 # v3.1.3
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
       - id: output_version
@@ -47,14 +73,41 @@ jobs:
       securityJwtVersion: ${{ steps.output_version.outputs.securityJwtVersion }}
 
   integration-tests:
+    if: github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/support/4.6'
     strategy:
       matrix:
         springBootVersion:
-          - 3.0.5
+          - 3.0.7
+          - 3.1.0
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
+      - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
+        with:
+          disable-sudo: true
+          egress-policy: block
+          allowed-endpoints: >
+            api.adoptopenjdk.net:443
+            api.github.com:443
+            auth.docker.io:443
+            codecov.io:443
+            docker.io:443
+            downloads.gradle-dn.com:443
+            downloads.gradle.org:443
+            github.com:443
+            jcenter.bintray.com:443
+            jfrog-prod-use1-shared-virginia-main.s3.amazonaws.com:443
+            objects.githubusercontent.com:443
+            plugins.gradle.org:443
+            plugins-artifacts.gradle.org:443
+            production.cloudflare.docker.com:443
+            registry-1.docker.io:443
+            repo.maven.apache.org:443
+            repo.spring.io:443
+            services.gradle.org:443
+            storage.googleapis.com:443
+            uploader.codecov.io:443
+      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
         with:
           repository: 'bratkartoffel/security-jwt-examples'
           ref: 'master'
@@ -66,7 +119,7 @@ jobs:
           key: ${{ runner.os }}-maven-${{ github.run_id }}
           restore-keys: |
             ${{ runner.os }}-maven-${{ github.run_id }}
-      - uses: actions/setup-java@3f07048e3d294f56e9b90ac5ea2c6f74e9ad0f98 # v3.10.0
+      - uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
         with:
           distribution: 'adopt'
           java-version: '17'

CHANGELOG.md

@@ -3,6 +3,18 @@
 ### [unreleased]
 * no changes yet
 
+### [5.0.5] (2023-05-19)
+* (base) upgrade openapi dependency to 2.2.10
+* (base) upgrade jackson to 2.15.1
+* (all) upgrade bouncycastle to 1.73, change to jdk18on variant
+* (redis) upgrade jedis to 4.4.1
+
+### [4.6.7] (2023-05-19)
+* (all) upgrade jackson-datatype to 2.14.3 (cannot upgrade to 2.15.x as of snakeyaml 2.0 incompatibility)
+* (all) upgrade openapi to 1.6.15 (cannot upgrade to 1.7.x as of snakeyaml 2.0 incompatibility)
+* (all) upgrade bouncycastle to 1.73, change to jdk18on variant
+* (redis) upgrade jedis to 4.4.1
+
 ### [5.0.4] (2023-03-23)
 * (all) upgrade nimbus-jose-jwt to 9.31
 * (base) enhance TOTP service performance by ~40%, replace by library
@@ -195,7 +207,9 @@
 * Initial release to github and maven central
 
 
-[unreleased]: https://github.com/bratkartoffel/security-jwt/compare/5.0.4...develop
+[unreleased]: https://github.com/bratkartoffel/security-jwt/compare/5.0.5...develop
+[5.0.5]: https://github.com/bratkartoffel/security-jwt/compare/5.0.4...5.0.5
+[4.6.7]: https://github.com/bratkartoffel/security-jwt/compare/4.6.6...4.6.7
 [5.0.4]: https://github.com/bratkartoffel/security-jwt/compare/5.0.3...5.0.4
 [5.0.3]: https://github.com/bratkartoffel/security-jwt/compare/5.0.2...5.0.3
 [5.0.2]: https://github.com/bratkartoffel/security-jwt/compare/5.0.1...5.0.2

README.md

@@ -49,13 +49,13 @@ should be sufficient for the most use cases.
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-base</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
     <!-- or -->
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-base-spring-boot-starter</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
 </dependencies>
 ```
@@ -68,27 +68,27 @@ When you want to add refresh token support, then choose one of the following dep
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-internal</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-memcache</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-hibernate</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-redis</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
     <dependency>
         <groupId>eu.fraho.spring</groupId>
         <artifactId>security-jwt-files</artifactId>
-        <version>5.0.4</version>
+        <version>5.0.5</version>
     </dependency>
 </dependencies>
 ```

base-spring-boot-starter/build.gradle

@@ -1,5 +1,5 @@
 dependencies {
     api project(':base')
-    implementation group: "org.bouncycastle", name: "bcprov-jdk15on", version: "1.70"
+    implementation group: "org.bouncycastle", name: "bcprov-jdk18on", version: "1.73"
     testImplementation testFixtures(project(':base'))
 }

base/build.gradle

@@ -1,14 +1,14 @@
 dependencies {
     api group: "org.springframework.boot", name: "spring-boot-starter-web", version: "3.0.0"
     api group: "org.springframework.boot", name: "spring-boot-starter-security", version: "3.0.0"
-    api group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jdk8", version: "2.14.2"
+    api group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jdk8", version: "2.15.1"
     api group: "com.nimbusds", name: "nimbus-jose-jwt", version: "9.31"
     api group: "commons-codec", name: "commons-codec", version: "1.15"
-    api(group: "io.swagger.core.v3", name: "swagger-annotations-jakarta", version: "2.2.8")
+    api(group: "io.swagger.core.v3", name: "swagger-annotations-jakarta", version: "2.2.10")
     api(group: "eu.fraho.libs", name: "libtotp", version: "1.0.0")
 
-    implementation group: "org.bouncycastle", name: "bcprov-jdk15on", version: "1.70"
-    testFixturesApi group: "org.bouncycastle", name: "bcprov-jdk15on", version: "1.70"
-    testImplementation group: "org.mockito", name: "mockito-core", version: "5.2.0"
-    testFixturesApi group: "org.mockito", name: "mockito-core", version: "5.2.0"
+    implementation group: "org.bouncycastle", name: "bcprov-jdk18on", version: "1.73"
+    testFixturesApi group: "org.bouncycastle", name: "bcprov-jdk18on", version: "1.73"
+    testImplementation group: "org.mockito", name: "mockito-core", version: "5.3.1"
+    testFixturesApi group: "org.mockito", name: "mockito-core", version: "5.3.1"
 }

build.gradle

@@ -1,8 +1,8 @@
 plugins {
-    id 'io.freefair.lombok' version "6.6.3" apply false
+    id 'io.freefair.lombok' version "8.0.1" apply false
     id 'com.adarshr.test-logger' version "3.2.0" apply false
     id 'com.github.ben-manes.versions' version "0.46.0"
-    id 'org.springframework.boot' version "3.0.4" apply false
+    id 'org.springframework.boot' version "3.1.0" apply false
 }
 
 subprojects {
@@ -11,6 +11,7 @@ subprojects {
     apply plugin: 'io.freefair.lombok'
     apply plugin: 'com.adarshr.test-logger'
     apply plugin: 'io.spring.dependency-management'
+    apply plugin: 'com.github.ben-manes.versions'
 
     repositories {
         mavenLocal()
@@ -47,12 +48,12 @@ subprojects {
     }
 
     dependencies {
-        annotationProcessor group: "org.springframework.boot", name: "spring-boot-configuration-processor", version: "3.0.4"
+        annotationProcessor group: "org.springframework.boot", name: "spring-boot-configuration-processor", version: "3.1.0"
 
         testFixturesApi group: "org.springframework.boot", name: "spring-boot-starter-test", version: "3.0.0"
         testFixturesApi group: "org.springframework.boot", name: "spring-boot-starter-web", version: "3.0.0"
-        testFixturesApi group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.14.2"
-        testFixturesApi group: 'org.junit.jupiter', name: 'junit-jupiter', version: "5.9.2"
+        testFixturesApi group: "com.fasterxml.jackson.datatype", name: "jackson-datatype-jsr310", version: "2.15.1"
+        testFixturesApi group: 'org.junit.jupiter', name: 'junit-jupiter', version: "5.9.3"
     }
 
     configurations.configureEach {
@@ -62,7 +63,7 @@ subprojects {
 
     // code coverage
     apply plugin: 'jacoco'
-    jacoco.toolVersion = "0.8.7"
+    jacoco.toolVersion = "0.8.10"
     jacocoTestReport.reports {
         xml.required = true
         html.required = true

files/README.md

@@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an simple json docume
 <dependency>
     <groupId>eu.fraho.spring</groupId>
     <artifactId>security-jwt-files</artifactId>
-    <version>5.0.4</version>
+    <version>5.0.5</version>
 </dependency>
 ```
 

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.0.2-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.1.1-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -85,9 +85,6 @@ done
 APP_BASE_NAME=${0##*/}
 APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
 
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
-
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
 
@@ -197,6 +194,10 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
 # Collect all arguments for the java command;
 #   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
 #     shell script including quotes and variable substitutions, so put them in

hibernate/README.md

@@ -13,7 +13,7 @@ for rows you have to regularly cleanup the token table, e.g. by using a cronjob.
 <dependency>
     <groupId>eu.fraho.spring</groupId>
     <artifactId>security-jwt-hibernate</artifactId>
-    <version>5.0.4</version>
+    <version>5.0.5</version>
 </dependency>
 ```
 

internal/README.md

@@ -7,7 +7,7 @@ This module adds support for storing refresh tokens within an in-memory storage.
 <dependency>
     <groupId>eu.fraho.spring</groupId>
     <artifactId>security-jwt-internal</artifactId>
-    <version>5.0.4</version>
+    <version>5.0.5</version>
 </dependency>
 ```
 

memcache/README.md

@@ -9,7 +9,7 @@ Please note that the memcache-plugin needs an external memcached server.
 <dependency>
     <groupId>eu.fraho.spring</groupId>
     <artifactId>security-jwt-memcache</artifactId>
-    <version>5.0.4</version>
+    <version>5.0.5</version>
 </dependency>
 ```
 

redis/README.md

@@ -9,7 +9,7 @@ Please note that the redis-plugin needs an external redisd server.
 <dependency>
     <groupId>eu.fraho.spring</groupId>
     <artifactId>security-jwt-redis</artifactId>
-    <version>5.0.4</version>
+    <version>5.0.5</version>
 </dependency>
 ```
 

redis/build.gradle

@@ -1,6 +1,6 @@
 dependencies {
     api project(':base')
-    api group: "redis.clients", name: "jedis", version: "4.3.1"
+    api group: "redis.clients", name: "jedis", version: "4.4.1"
 
     testImplementation testFixtures(project(':base'))
 }

version.txt

@@ -1 +1 @@
-5.0.4
+5.0.5