jsch-2.27.8

What's Changed

• Update readme with info about other projects leveraging Jsch by @jjlauer in #954
• Bump JamesIves/github-pages-deploy-action from 4.7.4 to 4.7.6 by @dependabot[bot] in #955
• Bump github/codeql-action from 4.31.5 to 4.31.7 by @dependabot[bot] in #960
• Bump org.apache.maven.plugins:maven-assembly-plugin from 3.7.1 to 3.8.0 by @dependabot[bot] in #962
• Bump actions/setup-java from 5.0.0 to 5.1.0 by @dependabot[bot] in #961
• Bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0 by @dependabot[bot] in #959
• Bump errorprone.version from 2.44.0 to 2.45.0 by @dependabot[bot] in #958
• Bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in #957
• Bump org.testcontainers:junit-jupiter from 1.21.3 to 1.21.4 by @dependabot[bot] in #968
• Bump log4j.version from 2.25.2 to 2.25.3 by @dependabot[bot] in #969
• Bump github/codeql-action from 4.31.7 to 4.31.9 by @dependabot[bot] in #970
• Bump org.junit.jupiter:junit-jupiter from 5.14.1 to 5.14.2 by @dependabot[bot] in #976
• Bump github/codeql-action from 4.31.9 to 4.31.10 by @dependabot[bot] in #979
• Bump errorprone.version from 2.45.0 to 2.46.0 by @dependabot[bot] in #978
• 2.27.8 changes by @norrisjeremy in #982
• Bump biz.aQute.bnd:bnd-maven-plugin from 7.1.0 to 7.2.1 by @dependabot[bot] in #981
• Bump JamesIves/github-pages-deploy-action from 4.7.6 to 4.8.0 by @dependabot[bot] in #980
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in #977
• Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 by @dependabot[bot] in #975
• Bump actions/upload-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #967
• Bump actions/cache from 4.3.0 to 5.0.1 by @dependabot[bot] in #965
• Bump org.apache.maven.plugins:maven-release-plugin from 3.2.0 to 3.3.1 by @dependabot[bot] in #971
• Bump actions/download-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in #966
• Add support for OpenSSH-Agent on Windows by @bananensplit in #964
• Bump actions/cache from 5.0.1 to 5.0.2 by @dependabot[bot] in #983
• Bump org.codehaus.mojo:templating-maven-plugin from 3.0.0 to 3.1.0 by @dependabot[bot] in #984
• 2.27.8 changes by @norrisjeremy in #985
• Bump actions/checkout from 6.0.1 to 6.0.2 by @dependabot[bot] in #987
• Bump actions/setup-java from 5.1.0 to 5.2.0 by @dependabot[bot] in #986
• Bump github/codeql-action from 4.31.10 to 4.32.0 by @dependabot[bot] in #988
• Bump github/codeql-action from 4.32.0 to 4.32.1 by @dependabot[bot] in #989
• Bump actions/cache from 5.0.2 to 5.0.3 by @dependabot[bot] in #990
• Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 by @dependabot[bot] in #991
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in #992
• Bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #994
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.9.0 to 3.10.0 by @dependabot[bot] in #995
• Bump errorprone.version from 2.46.0 to 2.47.0 by @dependabot[bot] in #993
• Fix multi-release jar to avoid API differences between versions. by @norrisjeremy in #996
• Bump github/codeql-action from 4.32.2 to 4.32.3 by @dependabot[bot] in #1000
• Bump org.junit.jupiter:junit-jupiter from 5.14.2 to 5.14.3 by @dependabot[bot] in #999
• Update Error Prone compilerArgs. by @norrisjeremy in #998
• Infinite loop fix on checkServerExtInfo() by @kalithas-sendrayan in #997

New Contributors

• @bananensplit made their first contribution in #964
• @kalithas-sendrayan made their first contribution in #997

Full Changelog: jsch-2.27.7...jsch-2.27.8

jsch-2.27.7

What's Changed

• SftpATTRS constructor should be public by @jjlauer in #950

dependency updates

• Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 by @dependabot[bot] in #945
• Bump errorprone.version from 2.43.0 to 2.44.0 by @dependabot[bot] in #944
• Bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0 by @dependabot[bot] in #943
• Bump commons-io:commons-io from 2.20.0 to 2.21.0 by @dependabot[bot] in #942
• Bump github/codeql-action from 4.31.2 to 4.31.4 by @dependabot[bot] in #948
• Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0 by @dependabot[bot] in #949
• Bump github/codeql-action from 4.31.4 to 4.31.5 by @dependabot[bot] in #951
• Bump org.bouncycastle:bcprov-jdk18on from 1.82 to 1.83 by @dependabot[bot] in #953
• Bump actions/checkout from 5.0.0 to 6.0.0 by @dependabot[bot] in #952

Full Changelog: jsch-2.27.6...jsch-2.27.7

jsch-2.27.6

What's Changed

• Fix logging a 'port is null' error when parsing openssh config file by @jjlauer in #934

Dependency Updates

• Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #937
• Bump actions/download-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #936
• Bump github/codeql-action from 4.30.9 to 4.31.0 by @dependabot[bot] in #935
• Bump JamesIves/github-pages-deploy-action from 4.7.3 to 4.7.4 by @dependabot[bot] in #939
• Bump org.junit.jupiter:junit-jupiter from 5.14.0 to 5.14.1 by @dependabot[bot] in #940
• Bump github/codeql-action from 4.31.0 to 4.31.2 by @dependabot[bot] in #938

New Contributors

• @jjlauer made their first contribution in #934

Full Changelog: jsch-2.27.5...jsch-2.27.6

jsch-2.27.5

What's Changed

• Throw JSchException if an incorrect passphrase is provided to JSch.addIdentity() by @norrisjeremy in #932

Dependency Updates

• Bump github/codeql-action from 4.30.8 to 4.30.9 by @dependabot[bot] in #931
• Bump errorprone.version from 2.42.0 to 2.43.0 by @dependabot[bot] in #930

Full Changelog: jsch-2.27.4...jsch-2.27.5

jsch-2.27.4

What's Changed

• Slowness due to blocked threads in Channel.getChannel call by @DavidTavoularis in #887
• Update to latest Maven Wrapper by @norrisjeremy in #895
• Switch to using Java 25 for builds by @norrisjeremy in #913
• Update forbiddenapis with newly added support for Java 25 by @norrisjeremy in #926
• fix for infinite looping issue by @code-docker in #922
• Store Channel objects associated with a particular Session with the S… by @norrisjeremy in #889

Dependency Updates

• Bump github/codeql-action from 3.29.9 to 3.29.10 by @dependabot[bot] in #882
• Bump com.github.valfirst:slf4j-test from 3.0.1 to 3.0.2 by @dependabot[bot] in #884
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3 by @dependabot[bot] in #883
• Bump com.github.valfirst:slf4j-test from 3.0.2 to 3.0.3 by @dependabot[bot] in #891
• Bump github/codeql-action from 3.29.10 to 3.29.11 by @dependabot[bot] in #893
• Bump github/codeql-action from 3.29.11 to 3.30.3 by @dependabot[bot] in #899
• Bump actions/setup-java from 4.7.1 to 5.0.0 by @dependabot[bot] in #892
• Bump s4u/maven-settings-action from 3.1.0 to 4.0.0 by @dependabot[bot] in #897
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.27.0 to 2.28.0 by @dependabot[bot] in #898
• Bump surefire.version from 3.5.3 to 3.5.4 by @dependabot[bot] in #902
• Bump log4j.version from 2.25.1 to 2.25.2 by @dependabot[bot] in #912
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.14.1 by @dependabot[bot] in #908
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.2 to 1.7.3 by @dependabot[bot] in #910
• Bump jna.version from 5.17.0 to 5.18.0 by @dependabot[bot] in #905
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.8.0 to 0.9.0 by @dependabot[bot] in #911
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0 by @dependabot[bot] in #909
• Bump org.bouncycastle:bcprov-jdk18on from 1.81 to 1.82 by @dependabot[bot] in #903
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.28.0 to 2.29.0 by @dependabot[bot] in #904
• Bump errorprone.version from 2.41.0 to 2.42.0 by @dependabot[bot] in #906
• Bump actions/cache from 4.2.4 to 4.3.0 by @dependabot[bot] in #907
• Bump github/codeql-action from 3.30.3 to 3.30.5 by @dependabot[bot] in #914
• Bump jna.version from 5.18.0 to 5.18.1 by @dependabot[bot] in #915
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in #919
• Bump de.thetaphi:forbiddenapis from 3.9 to 3.10 by @dependabot[bot] in #920
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to 3.9.0 by @dependabot[bot] in #921
• Bump github/codeql-action from 3.30.5 to 4.30.7 by @dependabot[bot] in #918
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 by @dependabot[bot] in #924
• Bump github/codeql-action from 4.30.7 to 4.30.8 by @dependabot[bot] in #923
• Bump org.junit.jupiter:junit-jupiter from 5.13.4 to 5.14.0 by @dependabot[bot] in #925

New Contributors

• @DavidTavoularis made their first contribution in #887
• @code-docker made their first contribution in #922

Full Changelog: jsch-2.27.3...jsch-2.27.4

jsch-2.27.3

What's Changed

• 2.27.3 changes by @norrisjeremy in #865
  • Update to Maven 3.9.11.
  • Update to latest Java (24.0.2) release.
  • Ensure that bnd-maven-plugin doesn't add java package imports into OSGi imports.
  • Run Dependabot on Wednesdays since Github is frequently overloaded on Mondays & fails.
• 2.27.3 changes by @norrisjeremy in #877
  • Drop unneeded compiler-annotations dependency.
  • Generate SPDX SBOM.
  • #852 Fix ChannelAgentForwarding when an unknown agent message type is received immediately preceding a known agent message type.
  • Consistently use Temurin JDK for all Github workflows.
  • Add --enable-native-access=ALL-UNNAMED that will be required for JNA and junixsocket to function in future Java releases.
  • Remove additional extraneous dependencies for log4j-core-test.
  • Use toolchains plugin to select JDK to allow eventual Maven 4 support.
    -- Maven 4 will only run on Java 17+, so in order to execute tests with Java 8 & 11 in GHA, we'll need to use the toolchains plugin to allow executing tests with a different JDK than used to execute Maven itself.

Dependency Updates

• Bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #839
• Bump org.junit.jupiter:junit-jupiter from 5.13.0 to 5.13.1 by @dependabot[bot] in #840
• Bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot[bot] in #842
• Bump org.testcontainers:junit-jupiter from 1.21.1 to 1.21.2 by @dependabot[bot] in #849
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.0 to 1.7.1 by @dependabot[bot] in #851
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.7.0 to 0.8.0 by @dependabot[bot] in #850
• Bump log4j.version from 2.24.3 to 2.25.0 by @dependabot[bot] in #847
• Bump org.bouncycastle:bcprov-jdk18on from 1.80 to 1.81 by @dependabot[bot] in #841
• Bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot[bot] in #846
• Bump org.junit.jupiter:junit-jupiter from 5.13.1 to 5.13.2 by @dependabot[bot] in #853
• Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #856
• Bump org.testcontainers:junit-jupiter from 1.21.2 to 1.21.3 by @dependabot[bot] in #857
• Bump errorprone.version from 2.38.0 to 2.39.0 by @dependabot[bot] in #855
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.26.0 to 2.27.0 by @dependabot[bot] in #854
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 by @dependabot[bot] in #862
• Bump log4j.version from 2.25.0 to 2.25.1 by @dependabot[bot] in #863
• Bump org.junit.jupiter:junit-jupiter from 5.13.2 to 5.13.3 by @dependabot[bot] in #864
• Bump errorprone.version from 2.39.0 to 2.40.0 by @dependabot[bot] in #861
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.0 by @dependabot[bot] in #860
• Bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #867
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #870
• Bump org.junit.jupiter:junit-jupiter from 5.13.3 to 5.13.4 by @dependabot[bot] in #871
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.1 to 1.7.2 by @dependabot[bot] in #872
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 by @dependabot[bot] in #868
• Bump commons-codec:commons-codec from 1.18.0 to 1.19.0 by @dependabot[bot] in #869
• Bump errorprone.version from 2.40.0 to 2.41.0 by @dependabot[bot] in #873
• Bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #874
• Bump actions/cache from 4.2.3 to 4.2.4 by @dependabot[bot] in #878
• Bump github/codeql-action from 3.29.7 to 3.29.9 by @dependabot[bot] in #879
• Bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in #875
• Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #880

Full Changelog: jsch-2.27.2...jsch-2.27.3

jsch-2.27.2

What's Changed

• Bump dependabot/fetch-metadata from 2.3.0 to 2.4.0 by @dependabot in #830
• Bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot in #831
• Bump org.testcontainers:junit-jupiter from 1.21.0 to 1.21.1 by @dependabot in #833
• Bump org.junit.jupiter:junit-jupiter from 5.12.2 to 5.13.0 by @dependabot in #834
• Bump org.apache.maven.plugins:maven-clean-plugin from 3.4.1 to 3.5.0 by @dependabot in #832
• java and maven version changes by @norrisjeremy in #837

Full Changelog: jsch-2.27.0...jsch-2.27.2

jsch-2.27.0

What's Changed

• switch to semver scheme by @mwiede in #828

Up until 0.2.26 the versioning followed the original jsch scheme, from 2.27.0 on, we switched to semantic versioning, expressing that the library api is stable and used in production.

besides that: no breaking changes!

• 0.2.27 changes by @norrisjeremy in #824
  • Fix decryption of OpenSSH V1 keys that use AEAD ciphers.
    -- I discovered that OpenSSH V1 keys that were encrypted with aes128-gcm@openssh.com, aes256-gcm@openssh.com or chacha20-poly1305@openssh.com were not working.
  • Add support for writing OpenSSH V1 key files.
    -- I decided to introduce new KeyPair.writeOpenSSHv1PrivateKey() methods to handle this, in order to allow users to optionally specify the encryption cipher they would like to use (equivalent of ssh-keygen -Z [cipher]) and/or the number of KDF rounds to use (equivalent of ssh-keygen -a [rounds]).

Dependency Updates

• Bump github/codeql-action from 3.28.14 to 3.28.16 by @dependabot in #821
• Bump org.testcontainers:junit-jupiter from 1.20.6 to 1.21.0 by @dependabot in #822
• Bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot in #820
• Bump github/codeql-action from 3.28.16 to 3.28.17 by @dependabot in #825

Full Changelog: jsch-0.2.26...jsch-2.27.0

jsch-0.2.26

What's Changed

• Follow lead from OpenSSH and prefer AES-GCM ciphers to AES-CTR ciphers by @norrisjeremy in #812
• Catch LinkageError in order to better handle cases in which classes cannot be loaded via reflection by @norrisjeremy #812

Dependency Updates

• Bump actions/setup-java from 4.7.0 to 4.7.1 by @dependabot in #814
• Bump com.kohlschutter:compiler-annotations from 1.8.0 to 1.8.2 by @dependabot in #816
• Bump org.junit.jupiter:junit-jupiter from 5.12.1 to 5.12.2 by @dependabot in #815
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 by @dependabot in #817
• Bump errorprone.version from 2.37.0 to 2.38.0 by @dependabot in #819

Full Changelog: jsch-0.2.25...jsch-0.2.26

jsch-0.2.25

What's Changed

• 0.2.25 changes by @norrisjeremy in #797
  • Add support for mlkem768x25519-sha256, mlkem768nistp256-sha256 & mlkem1024nistp384-sha384 KEX algorithms using JEP 496.
  • Stop abusing the packet buffer for signature verification.
  • Fix intermittent KEX errors with hybrid PQ/EC algorithms: the EC shared secret should not be stripped of unnecessary leading zero bytes since they are concatenated with the PQ secret and encoded as a string.
• Support custom ThreadFactory. by @hstyi in #793

Dependency Updates

• Bump github/codeql-action from 3.28.10 to 3.28.11 by @dependabot in #790
• Bump org.testcontainers:junit-jupiter from 1.20.5 to 1.20.6 by @dependabot in #791
• Bump org.apache.maven.plugins:maven-install-plugin from 3.1.3 to 3.1.4 by @dependabot in #781
• Bump actions/download-artifact from 4.1.8 to 4.1.9 by @dependabot in #785
• Bump org.junit.jupiter:junit-jupiter from 5.12.0 to 5.12.1 by @dependabot in #796
• Bump jna.version from 5.16.0 to 5.17.0 by @dependabot in #795
• Bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot in #776
• Bump actions/cache from 4.2.2 to 4.2.3 by @dependabot in #800
• Bump github/codeql-action from 3.28.11 to 3.28.13 by @dependabot in #801
• Bump errorprone.version from 2.36.0 to 2.37.0 by @dependabot in #803
• Bump surefire.version from 3.5.2 to 3.5.3 by @dependabot in #804
• Bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 by @dependabot in #807
• Bump github/codeql-action from 3.28.13 to 3.28.14 by @dependabot in #808
• Bump de.thetaphi:forbiddenapis from 3.8 to 3.9 by @dependabot in #806
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.25.0 to 2.26.0 by @dependabot in #799
• Bump actions/download-artifact from 4.1.9 to 4.2.1 by @dependabot in #798
• Bump actions/upload-artifact from 4.6.1 to 4.6.2 by @dependabot in #802

New Contributors

• @hstyi made their first contribution in #793

Full Changelog: jsch-0.2.24...jsch-0.2.25