From 4911798a5a467cc4a34efc8900f2e5210abb45b4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Dec 2023 14:41:29 +0100
Subject: [PATCH] Bump com.nimbusds:nimbus-jose-jwt from 9.37.2 to 9.37.3
 (#3817)

Bumps
[com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt)
from 9.37.2 to 9.37.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt">com.nimbusds:nimbus-jose-jwt's
changelog</a>.</em></p>
<blockquote>
<p>version 1.0 (2012-03-01)</p>
<ul>
<li>First version based on the OpenInfoCard JWT, JWS and JWE code
base.</li>
</ul>
<p>version 1.1 (2012-03-06)</p>
<ul>
<li>Introduces type-safe enumeration of the JSON Web Algorithms
(JWA).</li>
<li>Refactors the JWT class.</li>
</ul>
<p>version 1.2 (2012-03-08)</p>
<ul>
<li>Moves JWS and JWE code into separate classes.</li>
</ul>
<p>version 1.3 (2012-03-09)</p>
<ul>
<li>Switches to Apache Commons Codec for Base64URL encoding and
decoding</li>
<li>Consolidates the crypto utilities within the package.</li>
<li>Introduces a JWT content serialiser class.</li>
</ul>
<p>version 1.4 (2012-03-09)</p>
<ul>
<li>Refactoring of JWT class and JUnit tests.</li>
</ul>
<p>version 1.5 (2012-03-18)</p>
<ul>
<li>Switches to JSON Smart for JSON serialisation and parsing.</li>
<li>Introduces claims set class with JSON objects, string, Base64URL and
byte array views.</li>
</ul>
<p>version 1.6 (2012-03-20)</p>
<ul>
<li>Creates class for representing, serialising and parsing JSON Web
Keys
(JWK).</li>
<li>Introduces separate class for representing JWT headers.</li>
</ul>
<p>version 1.7 (2012-04-01)</p>
<ul>
<li>Introduces separate classes for plain, JWS and JWE headers.</li>
<li>Introduces separate classes for plain, signed and encrypted
JWTs.</li>
<li>Removes the JWTContent class.</li>
<li>Removes password-based (PE820) encryption support.</li>
</ul>
<p>version 1.8 (2012-04-03)</p>
<ul>
<li>Adds support for the ZIP JWE header parameter.</li>
<li>Removes unsupported algorithms from the JWA enumeration.</li>
</ul>
<p>version 1.9 (2012-04-03)</p>
<ul>
<li>Renames JWEHeader.{get|set}EncryptionAlgorithm() to
JWEHeader.{get|set}EncryptionMethod().</li>
</ul>
<p>version 1.9.1 (2012-04-03)</p>
<ul>
<li>Upgrades JSON Smart JAR to 1.1.1.</li>
</ul>
<p>version 1.10 (2012-04-14)</p>
<ul>
<li>Introduces serialize() method to base abstract JWT class.</li>
</ul>
<p>version 1.11 (2012-05-13)</p>
<ul>
<li>JWT.serialize() throws checked JWTException instead of</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/2432c09121add9fe6b2db9173131dd777939bfee"><code>2432c09</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/fa9737c49f1ae706d8929abfcb6f346b04275e03"><code>fa9737c</code></a>
Bumps Tink and BC deps</li>
<li><a
href="https://bitbucket.org/connect2id/nimbus-jose-jwt/commits/431f492225d8812cc6e57c6ebe1363e2fab2baba"><code>431f492</code></a>
[maven-release-plugin] prepare release 9.37.3</li>
<li>See full diff in <a
href="https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/9.37.3..9.37.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.nimbusds:nimbus-jose-jwt&package-manager=gradle&previous-version=9.37.2&new-version=9.37.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index b2d8e7c292..0f969d375b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -579,7 +579,7 @@ dependencies {
     implementation 'commons-cli:commons-cli:1.6.0'
     implementation "org.bouncycastle:bcprov-jdk15to18:${versions.bouncycastle}"
     implementation 'org.ldaptive:ldaptive:1.2.3'
-    implementation 'com.nimbusds:nimbus-jose-jwt:9.37.2'
+    implementation 'com.nimbusds:nimbus-jose-jwt:9.37.3'
 
     //JWT
     implementation "io.jsonwebtoken:jjwt-api:${jjwt_version}"