Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(deps): update dependency com.google.crypto.tink:tink to v1.9.0 (#…
…8056) [](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [com.google.crypto.tink:tink](https://togithub.com/tink-crypto/tink-java) | `1.7.0` -> `1.9.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### ⚠ Dependency Lookup Warnings ⚠ Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>tink-crypto/tink-java</summary> ### [`v1.9.0`](https://togithub.com/tink-crypto/tink-java/releases/tag/v1.9.0): Tink Java 1.9.0 [Compare Source](https://togithub.com/tink-crypto/tink-java/compare/v1.8.0...v1.9.0) Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks. **This is Tink Java 1.9.0** To get started using Tink, see [the setup guide](https://developers.google.com/tink/tink-setup#java). ##### Maven: <dependency> <groupId>com.google.crypto.tink</groupId> <artifactId>tink</artifactId> <version>1.9.0</version> </dependency> ##### Gradle: dependencies { implementation 'com.google.crypto.tink:tink-android:1.9.0' } ##### Bazel: ```python load("@​bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") RULES_JVM_EXTERNAL_TAG = "4.5" RULES_JVM_EXTERNAL_SHA ="b17d7388feb9bfa7f2fa09031b32707df529f26c91ab9e5d909eb1676badd9a6" http_archive( name = "rules_jvm_external", strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG, sha256 = RULES_JVM_EXTERNAL_SHA, url = "https://togithub.com/bazelbuild/rules_jvm_external/archive/refs/tags/%s.zip" % RULES_JVM_EXTERNAL_TAG, ) load("@​rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps") rules_jvm_external_deps() load("@​rules_jvm_external//:setup.bzl", "rules_jvm_external_setup") rules_jvm_external_setup() load("@​rules_jvm_external//:defs.bzl", "maven_install") maven_install( artifacts = [ "com.google.crypto.tink:tink:1.9.0", ##### ... other dependencies ... ], repositories = [ "https://repo1.maven.org/maven2", ], ) ``` Alternatively, one can build Tink from source, and include it with `http_archive`: ```python http_archive( name = "com_github_tink_crypto_tink_java", urls = ["https://togithub.com/tink-crypto/tink-java/archive/refs/tags/v1.9.0.zip"], strip_prefix = "tink-java-1.9.0", sha256 = "9735df7992df73d1518661ac6cf8918fa4693673adaaf0bdee253c24c521c832", ) load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps") tink_java_deps() load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init") tink_java_deps_init() ##### ... maven_install( artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ... repositories = [ "https://maven.google.com", "https://repo1.maven.org/maven2", ], ) ``` > WARNING: When building from source users that require KMS extensions as well must now explicitly include them, since they are published in separate repositories: > > - https://togithub.com/tink-crypto/tink-java-awskms > - https://togithub.com/tink-crypto/tink-java-gcpkms For example, to use `tink-java-gcpkms` your `WORKSPACE` file becomes as follows (analogously for `tink-java-awskms`): ```python http_archive( name = "com_github_tink_crypto_tink_java", urls = ["https://togithub.com/tink-crypto/tink-java/archive/refs/tags/v1.9.0.zip"], strip_prefix = "tink-java-1.9.0", sha256 = "9735df7992df73d1518661ac6cf8918fa4693673adaaf0bdee253c24c521c832", ) http_archive( name = "tink_java_gcpkms", urls = ["https://togithub.com/tink-crypto/tink-java-gcpkms/archive/refs/tags/v<SOME_RELEASE>.zip"], strip_prefix = "tink-java-gcpkms-<SOME_RELEASE>", sha256 = ... ) load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps") tink_java_deps() load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init") tink_java_deps_init() load("@​tink_java_gcpkms//:tink_java_gcpkms_deps.bzl", "TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS") ##### ... maven_install( artifacts = TINK_MAVEN_ARTIFACTS + TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS + # ... other dependencies ... repositories = [ "https://maven.google.com", "https://repo1.maven.org/maven2", ], ) ``` Dependencies to targets in `//src/main/java/com/google/crypto/tink/integration/gcpkms` now are located in `@tink_java_gcpkms`. ##### What's new The complete list of changes since 1.8.0 can be found [here](https://togithub.com/tink-crypto/tink-java/compare/1.8...1.9). - Removed deprecation of some APIs - Minor refactorings/code improvements - Added new key/parameter interfaces for StreamingAead, DeterministicAead, HmacPrf and JwtMac - Added new key/parameter/serialization classes: - AesGcmHkdfStreaming - AesCtrHmacAead - AesCtrHmacStreaming - AesCmacPrf - [`Ed25519`](https://togithub.com/tink-crypto/tink-java/commit/Ed25519) - RsaSsaPkcs1 - AesSiv - JwtHmac - Add Refaster (https://errorprone.info/docs/refaster) templates to easily migrate away from deprecated APIs - Improved performance of `AesGcmSiv` ([commit](https://togithub.com/tink-crypto/tink-java/commit/f7ba536704ab5c5352c7f320d93623151e8d74bc)) - Fixed Maven dependency issues: - [https://togithub.com/tink-crypto/tink-java/issues/4](https://togithub.com/tink-crypto/tink-java/issues/4): Removed `androidx.annotations` from `com.google.crypto.tink:tink` ([commit](https://togithub.com/tink-crypto/tink-java/commit/224e2246d823aa2631bcef5e97e1c2117df8789c)); as a result, com.google.crypto.tink:tink has only dependencies from Maven Central. - [https://togithub.com/tink-crypto/tink-java/issues/7](https://togithub.com/tink-crypto/tink-java/issues/7): Add missing dependencies to `com.google.crypto.tink:tink-android`’s POM file ([commit](https://togithub.com/tink-crypto/tink-java/commit/ce8fb4a99fb567fcbc235d57aa1be8f397f9a4c7)). - Upgraded dependencies: - com.google.code.gson:gson:2.10.1 - com.google.errorprone:error_prone_annotations:2.18 - com.google.http-client:google-http-client:1.43.1 - com.google.http-client:google-http-client-gson:1.43.1 - joda-time:joda-time:2.12.5 - junit:junit:4.13.2 - androidx.annotation:annotation:1.5.0 To see what we're working towards, check our [project roadmap](https://developers.google.com/tink/roadmap). ### [`v1.8.0`](https://togithub.com/tink-crypto/tink-java/releases/tag/v1.8.0): Tink Java 1.8.0 Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks. **This is Tink Java 1.8.0** To get started using Tink, see [the setup guide](https://developers.google.com/tink/tink-setup#java). ##### Maven: <dependency> <groupId>com.google.crypto.tink</groupId> <artifactId>tink</artifactId> <version>1.8.0</version> </dependency> ##### Gradle: dependencies { implementation 'com.google.crypto.tink:tink-android:1.8.0' } ##### Bazel: ```python load("@​bazel_tools//tools/build_defs/repo:http.bzl", "http_archive") RULES_JVM_EXTERNAL_TAG = "4.5" RULES_JVM_EXTERNAL_SHA ="b17d7388feb9bfa7f2fa09031b32707df529f26c91ab9e5d909eb1676badd9a6" http_archive( name = "rules_jvm_external", strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG, sha256 = RULES_JVM_EXTERNAL_SHA, url = "https://togithub.com/bazelbuild/rules_jvm_external/archive/refs/tags/%s.zip" % RULES_JVM_EXTERNAL_TAG, ) load("@​rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps") rules_jvm_external_deps() load("@​rules_jvm_external//:setup.bzl", "rules_jvm_external_setup") rules_jvm_external_setup() load("@​rules_jvm_external//:defs.bzl", "maven_install") maven_install( artifacts = [ "com.google.crypto.tink:tink:1.8.0", ##### ... other dependencies ... ], repositories = [ "https://maven.google.com", "https://repo1.maven.org/maven2", ], ) ``` Alternatively, one can build Tink from source, and include it with `http_archive`: ```python http_archive( name = "com_github_tink_crypto_tink_java", urls = ["https://togithub.com/tink-crypto/tink-java/archive/refs/tags/v1.8.0.zip"], strip_prefix = "tink-java-1.8.0", sha256 = "cff458ea60897f7a5edc91d1eb9c58c650c2fd3206d94672f29c950b94398a49" ) load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps") tink_java_deps() load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init") tink_java_deps_init() ##### ... maven_install( artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ... repositories = [ "https://maven.google.com", "https://repo1.maven.org/maven2", ], ) ``` > WARNING: When building from source users that require KMS extensions as well must now explicitly include them, since they are published in separate repositories: > > - https://togithub.com/tink-crypto/tink-java-awskms > - https://togithub.com/tink-crypto/tink-java-gcpkms For example, to use `tink-java-gcpkms` your `WORKSPACE` file becomes as follows (analogously for `tink-java-awskms`): ```python http_archive( name = "com_github_tink_crypto_tink_java", urls = ["https://togithub.com/tink-crypto/tink-java/archive/refs/tags/v1.8.0.zip"], strip_prefix = "tink-java-1.8.0", sha256 = "cff458ea60897f7a5edc91d1eb9c58c650c2fd3206d94672f29c950b94398a49" ) http_archive( name = "tink_java_gcpkms", urls = ["https://togithub.com/tink-crypto/tink-java-gcpkms/archive/refs/tags/v<SOME_RELEASE>.zip"], strip_prefix = "tink-java-gcpkms-<SOME_RELEASE>", sha256 = ... ) load("@​tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps") tink_java_deps() load("@​tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init") tink_java_deps_init() load("@​tink_java_gcpkms//:tink_java_gcpkms_deps.bzl", "TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS") ##### ... maven_install( artifacts = TINK_MAVEN_ARTIFACTS + TINK_JAVA_GCPKMS_MAVEN_ARTIFACTS + # ... other dependencies ... repositories = [ "https://maven.google.com", "https://repo1.maven.org/maven2", ], ) ``` Dependencies to targets in `//src/main/java/com/google/crypto/tink/integration/gcpkms` now are located in `@tink_java_gcpkms`. ##### What's new This is the first release from https://togithub.com/tink-crypto/tink-java. The complete list of changes since 1.7.0 can be found [here](https://togithub.com/tink-crypto/tink-java/compare/8849f9c387f0db25519240689bdebcf70af29b54...1.8). - Changed the `tink-java` POM file as follows: - Added missing dependency on `androidx.annotation.annotation`. - Only direct dependencies are listed. - Updated SCM details to point to [github.com/tink-crypto/tink-java](https://togithub.com/tink-crypto/tink-java). - Upgraded to Bazel 6.0. - The ChunkedMac primitive can now be used, available implementations are `AesCmac` and `Hmac`. - Added new API to read and write keysets: `TinkProtoKeysetFormat` and `TinkJsonProtoKeysetFormat`. - JSON parsing now rejects duplicated map entries. - See [this](https://togithub.com/tink-crypto/tink-java/commit/c96d3a1678c99a96e68b2df34bfaf1d20297fdd6) and [this](https://togithub.com/tink-crypto/tink-java/commit/9c832a33a96be5999341abdf3483fa9bc1fe0316) commits. - Fixed two race conditions in `com.google.crypto.tink.integration.android`. Also improved the exceptions raised. - ECDSA keys are now serialized using fixed size byte arrays. - Tink will prefer Conscrypt as a JCE provider for ECDSA if available. - Changes to PrimitiveSet API. Please note that the use of this class is discouraged and should be omitted when possible. - For the relevant changes see [commit](https://togithub.com/google/tink/commit/d509fa18d97036a8ecf484c7440e6260e7481cea). - (Only relevant if you use or maintain a custom Wrapper class) Registering a wrapper in Registry now requires that the object being registered is always the same. See examples [here](https://togithub.com/google/tink/commit/7b6ae2908c413b396f8ce0bad2b481eca859d2fa) and [here](https://togithub.com/google/tink/commit/3ab33de6f5d918e261eff7c73c67b8aed0476fe2). - Upgraded dependencies: - Protobuf to X.21.9 [443baab](https://togithub.com/tink-crypto/tink-java/commit/443baab8cf439d883e98dbeddb7b88f1ade2ac47). - `com.google.errorprone:error_prone_annotations` to 2.16. - `google.http-client:google-http-client` to 1.42.3. - `com.google.api-client:google-api-client` to 2.2.0. - `com.google.code.gson:gson` to 2.10. To see what we're working towards, check our [project roadmap](https://developers.google.com/tink/roadmap). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Never, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/GoogleCloudPlatform/java-docs-samples). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS40OC4yIiwidXBkYXRlZEluVmVyIjoiMzUuNDguMiJ9-->
](https://renovatebot.com){kind=link}
- Loading branch information
1 parent
adfa866
commit 7367793