Releases: spiffe/java-spiffe
Releases · spiffe/java-spiffe
v0.8.17
Fixed
- Enforce SPIFFE-spec-compliant URI SAN validation for X.509-SVID leaf certificates (#421)
- Require a non-root SPIFFE ID path for X.509-SVID leaf certificates, per the SPIFFE spec (#417)
- Tighten SPIFFE ID path validation and segment construction to match the SPIFFE spec (#420)
- Parse SPIFFE IDs case-insensitively and normalize trust domains to lowercase in accordance with the SPIFFE spec (#416)
Dependency updates
v0.8.16
Fixed
- Require
spiffe://prefix when parsing SPIFFE IDs, tightening scheme validation (#398) - Ensure atomic snapshot of X.509 SVID and bundles in
DefaultX509Source, preventing torn reads under concurrency (#397) - Reject null bundles and empty cached SVID lists in core parsing/cache paths (#399)
- Validate presence of JWT audience claim during parsing (#399)
Dependency updates
v0.8.15
Fixed
- Fix X509SVID hint deduplication to apply only to non-empty hints (#385)
Dependency updates
- Remove lombok and replace all annotations with plain java implementations (#377)
- Bump io.netty:netty-transport-native-kqueue to 4.2.9.Final (#381)
- Bump com.google.protobuf to 0.9.6 (#389)
Build
- Upgrade to Gradle 9.2.1 and migrate Shadow plugin (#380)
- Remove deprecations and prep for Gradle 10 (#384)
- Add Makefile (#388)
Full Changelog: v0.8.14...v0.8.15
v0.8.14
What's Changed
Dependency updates
- Bump io.netty:netty-transport-native-kqueue to 4.2.7.Final (#358)
- Bump org.projectlombok:lombok to 1.18.42 (#362)
- Bump grpcVersion to 1.77.0 (#369)
- Bump com.nimbusds:nimbus-jose-jwt to 10.6 (#366)
- Bump commons-cli:commons-cli to 1.11.0 (#367)
- Bump commons-validator:commons-validator to 1.10.1 (#375)
- Bump org.apache.commons:commons-lang3 to 3.20.0 (#376)
Build & publishing
- Migrated artifact publishing from OSSRH to the new Sonatype Maven Central Portal.
Full Changelog: v0.8.13...v0.8.14
v.0.8.13
What's Changed
- Bump io.netty:netty-transport-native-kqueue from 4.2.1.Final to 4.2.2.Final by @dependabot[bot] in #332
- Bump com.nimbusds:nimbus-jose-jwt from 10.3 to 10.3.1 by @dependabot[bot] in #335
- Bump commons-validator:commons-validator from 1.9.0 to 1.10.0 by @dependabot[bot] in #338
- Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 by @dependabot[bot] in #339
Full Changelog: v0.8.12...v0.8.13
Contributors
dependabot
Assets 2
v0.8.12
What's Changed
- Bump grpcVersion to 1.73.0 (#327)
- Bump io.netty:netty-transport-native-kqueue to 4.2.1.Final (#321)
- Bump com.nimbusds:nimbus-jose-jwt to 10.3 (#323)
- Bump com.google.protobuf:protobuf-gradle-plugin to 0.9.5 (#314)
- Bump org.projectlombok:lombok to 1.18.38 (#313)
New Contributors
- @zetti12345 made their first contribution in #325
Full Changelog: v0.8.11...v0.8.12
Contributors
zetti12345
Assets 2
v0.8.11
What's Changed
- Fix CRLF newline removal in DER format logic by @newtork in #284
- Bump io.netty:netty-transport-native-kqueue from 4.1.114.Final to 4.1.115.Final by @dependabot in #281
- Bump com.nimbusds:nimbus-jose-jwt from 9.45 to 9.47 by @dependabot in #285
- Bump org.projectlombok:lombok from 1.18.34 to 1.18.36 by @dependabot in #286
New Contributors
Full Changelog: v0.8.10...v0.8.11
Contributors
newtork and dependabot
Assets 2
v0.8.10
What's Changed
- Bump jupiterVersion from 5.11.2 to 5.11.3 by @dependabot in #273
- Bump com.nimbusds:nimbus-jose-jwt from 9.41.2 to 9.42 by @dependabot in #275
- Bump grpcVersion from 1.68.0 to 1.68.1 by @dependabot in #276
- Bump com.nimbusds:nimbus-jose-jwt from 9.42 to 9.45 by @dependabot in #278
Full Changelog: v0.8.9...v0.8.10
Contributors
dependabot