Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5 #358

dependabot · 2025-03-26T22:22:23Z

Bumps org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5.

Changelog

Sourced from org.pgpainless:pgpainless-core's changelog.

1.7.5

Actually attempt to fix Kotlin desugaring.

Bump javaSourceCompatibility and javaTargetCompatibility to 11

Bump gradle-wrapper to 8.8

1.7.4

Fix proper Kotlin desugaring for Java 8

1.7.3

Bump bcpg-jdk8on to 1.80

Bump bcprov-jdk18on to 1.80

Add dependency on bcutil-jdk18on as a workaround

Ignore unknown type signatures on certificates

Fix typo on signature creation bounds check (thanks @elduffy)

Fix superfluous newline added in CRLF encoding (thanks @bjansen)

Bump sop-java to 1.10.0

SOP inline-sign: Do not apply compression

1.7.2

Fix bug in KeyRingInfo.lastModified (thanks to @Jerbell, @sosnovsky for reporting)

Bump sop-java to 10.0.3

allow multiple arguments --with-key-password in revoke-key command

Properly pass --old-key-password and --new-key-password options as indirect arguments in change-key-password command

1.7.1

Bump sop-java to 10.0.2

Downgrade logback-core and logback-classic to 1.2.13 (fix CLI spam)

1.7.0

Bump bcpg-jdk8on to 1.78.1

Bump bcprov-jdk18on to 1.78.1

Bump logback-core and logback-classic to 1.4.14

pgpainless-core

Rewrote most of the codebase in Kotlin

Removed OpenPgpMetadata (decryptionStream.getResult()) in favor of MessageMetadata (decryptionStream.getMetadata())

Removed support for generating EC keys over non-standard curve secp256k1

Properly feed EOS tokens to the pushdown automaton when reaching the end of stream (thanks @iNPUTmice)

Do not choke on unknown signature subpackets (thanks @Jerbell)

Prevent timing issues resulting in subkey binding signatures predating the subkey (@thanks Jerbell)

Rename LibrePGP-related Feature enums:

GNUPG_AEAD_ENCRYPTED_DATA -> LIBREPGP_OCB_ENCRYPTED_DATA

GNUPG_VERSION_5_PUBLIC_KEY -> LIBREPGP_VERSION_5_PUBLIC_KEY

Properly reject signatures by non-signing primary keys

Add EncryptionBuilder.discardOutput() (useful for detached signing)

Remove support for generation of keys over non-standard secp256k1 curve

Add base support for padding packets

Do not choke on LibrePGP OED packets

Supersede addPassphrase()/addDecryptionPassphrase() methods with more clear addMessagePassphrase()

pgpainless-sop, pgpainless-cli

Bump sop-java to 10.0.1, implementing SOP Spec Revision 10

... (truncated)

Commits

de5ef4d PGPainless 1.7.5
2b9c5ea Update CHANGELOG
f054c30 Upgrade gradle-wrapper to 8.8
65113a6 Rework gradle, making use of toolchain feature
a0254f4 Simplify mavenCentralChecksums task
eebd02e Perform coveralls task after jacocoRootReport
7dc4329 PGPainless 1.7.5-SNAPSHOT
f22cada PGPainless 1.7.4
cb51bb6 Update changelog
c861a5e Set Java release version to 8 to fix Kotlin desugaring
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.pgpainless:pgpainless-core](https://github.com/pgpainless/pgpainless) from 1.6.7 to 1.7.5. - [Changelog](https://github.com/pgpainless/pgpainless/blob/main/CHANGELOG.md) - [Commits](pgpainless/pgpainless@1.6.7...1.7.5) --- updated-dependencies: - dependency-name: org.pgpainless:pgpainless-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-04-14T22:59:36Z

Superseded by #363.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Mar 26, 2025

dependabot bot mentioned this pull request Mar 26, 2025

Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.4 #355

Closed

dependabot bot closed this Apr 14, 2025

dependabot bot deleted the dependabot/maven/org.pgpainless-pgpainless-core-1.7.5 branch April 14, 2025 22:59

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5 #358

Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5 #358

Uh oh!

dependabot bot commented on behalf of github Mar 26, 2025

Uh oh!

dependabot bot commented on behalf of github Apr 14, 2025

Uh oh!

Uh oh!

Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5 #358

Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.5 #358

Uh oh!

Conversation

dependabot bot commented on behalf of github Mar 26, 2025

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

Uh oh!

dependabot bot commented on behalf of github Apr 14, 2025

Uh oh!

Uh oh!