This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-java.git
The following commit(s) were added to refs/heads/main by this push:
new 74a7996d4 MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.20.1 to
11.34 (#1074)
74a7996d4 is described below
commit 74a7996d40226c659c3b0ae03c0ae75a4964f282
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon Mar 16 09:55:27 2026 +0100
MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.20.1 to 11.34 (#1074)
Bumps
[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)
from 11.20.1 to 11.34.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt";>com.nimbusds:oauth2-oidc-sdk's
changelog</a>.</em></p>
<blockquote>
<p>version 1.0 (2012-05-29)
* First official release with authorisation endpoint, token endpoint,
check
ID endpoint and UserInfo endpoint support.
* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.
* Language Tags (RFC 5646) support through the Nimbus-LangTag library.
* JSON support through the JSON Smart library.</p>
<p>version 2.0 (2013-05-13)
* Intermediary development release with Maven build, published to
Maven Central.</p>
<p>version 2.1 (2013-06-06)
* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect
Standard draft 21, OpenID Connect Discovery draft 17 and OpenID
Connect Registration draft 19.
* Major refactoring of the APIs for greater simplicity.
* Adds JUnit tests.</p>
<p>version 2.2 (2013-06-18)
* Refactors dynamic OpenID Connect client registration.
* Adds partial support of the OAuth 2.0 Dynamic Client Registration
Protocol (draft-ietf-oauth-dyn-reg-12).
* Optimises parsing of request parameters consisting of one or more
tokens (scope, response type, etc).</p>
<p>version 2.3 (2013-06-19)
* Renames OAuth 2.0 dynamic client registration package.
* Adds ClientInformation.getClientMetadata() method.
* Adds OIDCClientInformation class.</p>
<p>version 2.4 (2013-06-20)
* Adds static OIDCClientInformation.parse(JSONObject) method.</p>
<p>version 2.5 (2013-06-22)
* Adds support OAuth 2.0 dynamic client update.
* Adds OpenID Connect dynamic client registration classes.</p>
<p>version 2.6 (2013-06-25)
* Enforces order of preference of ACR values in OpenID Connect client
metadata, as required by the specification.
* Documentation and performance improvements.</p>
<p>version 2.7 (2013-06-26)
* Switches Identifier generation to java.security.SecureRandom.</p>
<p>version 2.8 (2013-06-30)
* Fixes serialisation and assignment bugs in ClientMetadata.
* Switches Secret generation to java.security.SecureRandom.</p>
<p>version 2.9 (2013-09-17)</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/668f6d8de81cad42984e4cacb19f69261a2254b6";><code>668f6d8</code></a>
The ParseException message thrown by Prompt.Type.parse must not include
parse...</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/75cde87ee5301a3cc558ed040bcc51db4ff0184d";><code>75cde87</code></a>
Updates test sample X.509 cert chain resource</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/a7a9623882a119b4024798a91955b9fc0cc095b5";><code>a7a9623</code></a>
[maven-release-plugin] prepare release 11.30.2</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/e03c9bbc8e208307b0ec6d0970901b2b5fcc5d83";><code>e03c9bb</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/6f11e3038f6ebc6ded2045a145bafb22d3c66b13";><code>6f11e30</code></a>
Expands AMR test coverage</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/afba676c638c25b9acbc88f677bfa321e6e0d6da";><code>afba676</code></a>
Adds static AMR.parseList(Collection<String>) method</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/4b700b3f2176a8c04c8df6298a594a6419041caf";><code>4b700b3</code></a>
[maven-release-plugin] prepare release 11.31</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/b214cfadec399b2bd695173cc8613529434f1237";><code>b214cfa</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/28628f9543f4b18f4a4c1368846386a95142777d";><code>28628f9</code></a>
The DPoPCommonVerifier must instantiate the DPoPProofClaimsSetVerifier
with t...</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/4df4d53cea079a3bc14ec8a36117205284bdbdf3";><code>4df4d53</code></a>
The DPoPCommonVerifier must instantiate the DPoPProofClaimsSetVerifier
with t...</li>
<li>Additional commits viewable in <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.34..11.20.1";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
flight/flight-sql-jdbc-core/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/flight/flight-sql-jdbc-core/pom.xml
b/flight/flight-sql-jdbc-core/pom.xml
index 53c630ab4..ffeff1246 100644
--- a/flight/flight-sql-jdbc-core/pom.xml
+++ b/flight/flight-sql-jdbc-core/pom.xml
@@ -182,7 +182,7 @@ under the License.
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
- <version>11.20.1</version>
+ <version>11.34</version>
</dependency>
</dependencies>
