This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-java.git
The following commit(s) were added to refs/heads/main by this push:
new 89fa995ea MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.34 to 11.37
(#1096)
89fa995ea is described below
commit 89fa995eac2aa84e0195341bff601dfce66b942e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon Mar 30 10:22:13 2026 +0200
MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.34 to 11.37 (#1096)
Bumps
[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)
from 11.34 to 11.37.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt";>com.nimbusds:oauth2-oidc-sdk's
changelog</a>.</em></p>
<blockquote>
<p>version 1.0 (2012-05-29)
* First official release with authorisation endpoint, token endpoint,
check
ID endpoint and UserInfo endpoint support.
* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.
* Language Tags (RFC 5646) support through the Nimbus-LangTag library.
* JSON support through the JSON Smart library.</p>
<p>version 2.0 (2013-05-13)
* Intermediary development release with Maven build, published to
Maven Central.</p>
<p>version 2.1 (2013-06-06)
* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect
Standard draft 21, OpenID Connect Discovery draft 17 and OpenID
Connect Registration draft 19.
* Major refactoring of the APIs for greater simplicity.
* Adds JUnit tests.</p>
<p>version 2.2 (2013-06-18)
* Refactors dynamic OpenID Connect client registration.
* Adds partial support of the OAuth 2.0 Dynamic Client Registration
Protocol (draft-ietf-oauth-dyn-reg-12).
* Optimises parsing of request parameters consisting of one or more
tokens (scope, response type, etc).</p>
<p>version 2.3 (2013-06-19)
* Renames OAuth 2.0 dynamic client registration package.
* Adds ClientInformation.getClientMetadata() method.
* Adds OIDCClientInformation class.</p>
<p>version 2.4 (2013-06-20)
* Adds static OIDCClientInformation.parse(JSONObject) method.</p>
<p>version 2.5 (2013-06-22)
* Adds support OAuth 2.0 dynamic client update.
* Adds OpenID Connect dynamic client registration classes.</p>
<p>version 2.6 (2013-06-25)
* Enforces order of preference of ACR values in OpenID Connect client
metadata, as required by the specification.
* Documentation and performance improvements.</p>
<p>version 2.7 (2013-06-26)
* Switches Identifier generation to java.security.SecureRandom.</p>
<p>version 2.8 (2013-06-30)
* Fixes serialisation and assignment bugs in ClientMetadata.
* Switches Secret generation to java.security.SecureRandom.</p>
<p>version 2.9 (2013-09-17)</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/d98de1ab39f699e39903967775abc242fc064e78";><code>d98de1a</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/2ea716f29401515a656c73bef9d66d5860270b2f";><code>2ea716f</code></a>
Shortens InvalidClientException messages</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/ed5773c5a3383a4c5af5f8484aad2864dc1b79c6";><code>ed5773c</code></a>
TokenRevocationRequest receives custom form parameters support</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/e133559f00d1469a5da284cfdbb30d4d0102e3be";><code>e133559</code></a>
Updates tests for shortened InvalidClientException messages</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/fe43e1f129febee53c0a15178b08b6e835bcd460";><code>fe43e1f</code></a>
[maven-release-plugin] prepare release 11.35</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/73224c9422c0ebb3c1a3b5387aac2d529d8bef5b";><code>73224c9</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/f3f728613feb023640801faf33873d55f6c2ec98";><code>f3f7286</code></a>
Adds static JSONObjectUtils.getNonNegativeLong methods</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/d6899e0554d630956dd09e3d2ba1236ee66d2bd6";><code>d6899e0</code></a>
Cleans up JSONObjectUtils.getEnum(net.minidev.json.JSONObject,
java.lang.Stri...</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/9b05d23a876550842e75c1abff08795ac825b9a0";><code>9b05d23</code></a>
Adds non-negative checks when parsing Date instances from Unix
timestamps (is...</li>
<li><a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/592d8f4e82e7815966258c114b66834b9b4c9e6c";><code>592d8f4</code></a>
Adds "acr" and "auth_time" parameter (RFC 9470)
support to TokenIntrospection...</li>
<li>Additional commits viewable in <a
href="https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.37..11.34";>compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
flight/flight-sql-jdbc-core/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/flight/flight-sql-jdbc-core/pom.xml
b/flight/flight-sql-jdbc-core/pom.xml
index ffeff1246..483c019cd 100644
--- a/flight/flight-sql-jdbc-core/pom.xml
+++ b/flight/flight-sql-jdbc-core/pom.xml
@@ -182,7 +182,7 @@ under the License.
<dependency>
<groupId>com.nimbusds</groupId>
<artifactId>oauth2-oidc-sdk</artifactId>
- <version>11.34</version>
+ <version>11.37</version>
</dependency>
</dependencies>
