Align Nimbus dependency versions with Spring Security

wilkinsona · wilkinsona · commit 3746155916c3 · 2021-06-23T17:53:09.000+01:00
Closes gh-26820
diff --git a/spring-boot-project/spring-boot-dependencies/build.gradle b/spring-boot-project/spring-boot-dependencies/build.gradle
@@ -1196,14 +1196,20 @@ bom {
 			]
 		}
 	}
-	library("OAuth2 OIDC SDK", "8.36.2") {
+	library("OAuth2 OIDC SDK") {
+		version("8.36.1") {
+			shouldAlignWithVersionFrom("Spring Security")
+		}
 		group("com.nimbusds") {
 			modules = [
 				"oauth2-oidc-sdk"
 			]
 		}
 	}
-	library("Nimbus JOSE JWT", "8.20.2") {
+	library("Nimbus JOSE JWT") {
+		version("8.20.2") {
+			shouldAlignWithVersionFrom("Spring Security")
+		}
 		group("com.nimbusds") {
 			modules = [
 				"nimbus-jose-jwt"
@@ -1630,6 +1636,11 @@ bom {
 				"spring-security-bom"
 			]
 		}
+		dependencyVersions {
+			extractFrom {
+				dependencyLock("https://raw.githubusercontent.com/spring-projects/spring-security/<libraryVersion>/config/gradle/dependency-locks/optional.lockfile")
+			}
+		}
 	}
 	library("Spring Session Bom", "2020.0.5") {
 		group("org.springframework.session") {

Original file line number	Diff line number	Diff line change
`@@ -1196,14 +1196,20 @@ bom {`
`1196`	`1196`	`]`
`1197`	`1197`	`}`
`1198`	`1198`	`}`
`1199`		`- library("OAuth2 OIDC SDK", "8.36.2") {`
	`1199`	`+ library("OAuth2 OIDC SDK") {`
	`1200`	`+ version("8.36.1") {`
	`1201`	`+ shouldAlignWithVersionFrom("Spring Security")`
	`1202`	`+ }`
`1200`	`1203`	`group("com.nimbusds") {`
`1201`	`1204`	`modules = [`
`1202`	`1205`	`"oauth2-oidc-sdk"`
`1203`	`1206`	`]`
`1204`	`1207`	`}`
`1205`	`1208`	`}`
`1206`		`- library("Nimbus JOSE JWT", "8.20.2") {`
	`1209`	`+ library("Nimbus JOSE JWT") {`
	`1210`	`+ version("8.20.2") {`
	`1211`	`+ shouldAlignWithVersionFrom("Spring Security")`
	`1212`	`+ }`
`1207`	`1213`	`group("com.nimbusds") {`
`1208`	`1214`	`modules = [`
`1209`	`1215`	`"nimbus-jose-jwt"`
`@@ -1630,6 +1636,11 @@ bom {`
`1630`	`1636`	`"spring-security-bom"`
`1631`	`1637`	`]`
`1632`	`1638`	`}`
	`1639`	`+ dependencyVersions {`
	`1640`	`+ extractFrom {`
	`1641`	`+ dependencyLock("https://raw.githubusercontent.com/spring-projects/spring-security/<libraryVersion>/config/gradle/dependency-locks/optional.lockfile")`
	`1642`	`+ }`
	`1643`	`+ }`
`1633`	`1644`	`}`
`1634`	`1645`	`library("Spring Session Bom", "2020.0.5") {`
`1635`	`1646`	`group("org.springframework.session") {`