Bump lazysodium-java from 4.2.6 to 4.3.4 #1670

dependabot-preview · 2021-02-01T15:17:00Z

Bumps lazysodium-java from 4.2.6 to 4.3.4.

Release notes

Sourced from lazysodium-java's releases.

4.3.4

Improvements:

Upgraded ResourceLoader to 1.3.10 which has support for loading nested JARs.

This means that Lazysodium can now be used in fat-jar based applications like SpringBoot!

4.3.2

Major change:

cryptoAeadChaCha20Poly1305IetfKeygen -> cryptoAeadXChaCha20Poly1305IetfKeygen spotted in terl/lazysodium-android#40

4.3.1

Here's what's changed:

cryptoAeadXChaCha20Poly1305IetfDecrypt now throws an Exception #89 #90

Use default SecureRandom instance so that it generates random bytes faster #91

Change binLen to pointer in hex2bin and base642bin #84

Open to public getSodiumPathInResources() #82

Enjoy!

4.3.0

Breaking:

New param added for cryptoPwHashScryptSalsa208Sha256 #76

Corrected a signature mismatch in crypto_generichash_blake2b_salt_personal #75

Enjoy 🌞

Commits

a09e4db Updated resource loader to 1.3.10
2e77db9 Update to 4.3.3
5341d36 Update resource loader
7b4fba0 Add to readme
9cd31fd Increase version to 4.3.2
ce492e7 Fix cryptoAeadChaCha20Poly1305IetfKeygen -> cryptoAeadXChaCha20Poly1305IetfKe...
3f780ee Increment version to 4.3.1
838cee9 Merge pull request #91 from timmc/test-fast-random
8fb3b1a Update according to comments #90
45975c8 Merge pull request #90 from gnarula/aead-exception
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Pull request limits (per update run and/or open at any time)
Automerge options (never/patch/minor, and dev/runtime dependencies)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

dependabot-preview · 2021-02-01T15:17:02Z

Dependabot tried to add @bullet-tooth as a reviewer to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/exonum/exonum-java-binding/pulls/1670/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the exonum/exonum-java-binding repository. // See: https://docs.github.com/rest/reference/pulls#request-reviewers-for-a-pull-request

Bumps [lazysodium-java](https://github.com/terl/lazysodium-java) from 4.2.6 to 4.3.4. - [Release notes](https://github.com/terl/lazysodium-java/releases) - [Commits](terl/lazysodium-java@4.2.6...4.3.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

dependabot-preview bot added dependencies 🤖 java labels Feb 1, 2021

dependabot-preview bot mentioned this pull request Feb 1, 2021

Bump lazysodium-java from 4.2.6 to 4.3.3 #1669

Closed

dependabot-preview bot force-pushed the dependabot/maven/com.goterl.lazycode-lazysodium-java-4.3.4 branch 2 times, most recently from d170665 to 504a6a5 Compare February 2, 2021 08:28

dependabot-preview bot force-pushed the dependabot/maven/com.goterl.lazycode-lazysodium-java-4.3.4 branch 5 times, most recently from 62c8aed to 5e0904c Compare April 2, 2021 07:08

dependabot-preview bot force-pushed the dependabot/maven/com.goterl.lazycode-lazysodium-java-4.3.4 branch from 5e0904c to 2b42363 Compare April 2, 2021 07:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump lazysodium-java from 4.2.6 to 4.3.4 #1670

Bump lazysodium-java from 4.2.6 to 4.3.4 #1670

Uh oh!

dependabot-preview bot commented Feb 1, 2021 •

edited

Loading

dependabot-preview bot commented Feb 1, 2021

Labels

1 participant

Bump lazysodium-java from 4.2.6 to 4.3.4 #1670

Are you sure you want to change the base?

Bump lazysodium-java from 4.2.6 to 4.3.4 #1670

Uh oh!

Conversation

dependabot-preview bot commented Feb 1, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

4.3.4

4.3.2

4.3.1

4.3.0

dependabot-preview bot commented Feb 1, 2021

Labels

1 participant

dependabot-preview bot commented Feb 1, 2021 •

edited

Loading