Skip to content

Bump sslcontext-kickstart-for-pem from 7.4.11 to 8.3.4

dependabot requested to merge dependabot-maven-io.github.hakky54-sslcontext-kickstart-for-pem-8.3.4 into main

Bumps sslcontext-kickstart-for-pem from 7.4.11 to 8.3.4.

Changelog

Sourced from sslcontext-kickstart-for-pem's changelog.

v8.3.4

  • Bumped dependencies
  • Bug-fix added support for reloading ciphers in SSLEngine, SSLSocketFactory and SSLServerSocketFactory

v8.3.3

  • Added reloadable ciphers
  • Bumped dependencies

v8.3.2

  • Added custom security provider
  • Bumped dependencies
  • Bug-fix remove invalid characters when generating certificate alias
  • Bug-fix handle timout exception correctly on java 8 when extracting certificates

v8.3.1

  • Bumped dependencies
  • Added system name to the system trust manager
  • Bug-fix clear certificate collector after each fetch
  • Bug-fix resolve empty collector for certificate extracting client when disabling resolving root ca
  • Added timeout to certificate extracting client
  • Applied sonar recommendations

v8.3.0

  • Bumped dependencies
  • Added option to extract public key from private key
  • Added option to disable resolving root ca when extracting server certificates
  • Added options to exclude ciphers and protocols in the SSLFactory
  • Bug-fix allow adding new certificates in a nested TrustManager
  • Simplified adding certificates to TrustManager
  • Simplified swapping TrustManagers
  • Added JdkX509ExtendedTrustManager wrapper for JDK trusted CA's from cacerts
  • Added SystemX509ExtendedTrustManager wrapper for OS trusted CA's

v8.2.0

  • Added option to conceal trusted certificate names for a server
  • Bumped dependencies

v8.1.7

  • Resolved CVE-2023-33201 LDAP injection vulnerability caused by transitive dependency of Bouncy Castle in the library of sslcontext-kickstart-for-pem
  • Bumped dependencies
  • Filter out duplicate extracted certificates
  • Add appending capabilities to an existing keystore
  • Added option to extract port from uri

v8.1.6

  • Bug-fix Resolved antivirus alert by removing shell script layer from Mac OS X command to fetch system trusted Certificate Authorities
  • Bug-fix Resolved antivirus alert by excluding ~/Library/Keychains/login.keychain-db keychain file from MacCertificateUtils
  • Bumped dependencies
  • Added method to check if a certificate is a self-signed one in CertificateUtils

v8.1.5

  • Bug-fix Resolve exception for system certificates on Mac and Linux
  • Bump dependencies
  • Reduce code duplication

v8.1.4

... (truncated)

Commits
  • 918d067 [maven-release-plugin] prepare release v8.3.4
  • a11c3b1 Updated docs
  • a049cea Fixed typo
  • b661d4f Added wrappers for updating sslparameters (#468)
  • dc5bb3a Merge pull request #472 from sullis/bye-adopt-openjdk
  • 1d8d549 Bump io.projectreactor.netty:reactor-netty from 1.1.15 to 1.1.17 (#470)
  • a2620a1 Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0 (#469)
  • d7f4a1c Merge pull request #471 from sullis/sean/setup-java-4-ftw
  • 30270fd replace AdoptOpenJDK with Zulu JDK
  • e253e11 setup-java v4
  • Additional commits viewable in compare view

Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot rebase will rebase this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports