3.0.5 - fix CVE-2024-34447

What's Changed

• Upgrade deps (fix CVE-2024-34447) by @runeflobakk in #37

Full Changelog: 3.0.4...3.0.5

3.0.4 Replace Buypass test root certs

What's Changed

• New Buypass SEID2 root certs for test by @runeflobakk in #35

Full Changelog: 3.0.3...3.0.4

Update dependency

What's Changed

• Bump bcprov-jdk18on from 1.73 to 1.76 by @dependabot in #33

Full Changelog: 3.0.2...3.0.3

3.0.2

What's Changed

• Bytt ut Guava med Apache Commons by @draperunner in #34
  (kun test-avhengigheit)

New Contributors

• @draperunner made their first contribution in #34

Full Changelog: 3.0.1...3.0.2

3.0.1

What's Changed

• Move stuff used by RevocationChecker to separate class by @runeflobakk in #31

Full Changelog: 3.0...3.0.1

3.0

What's Changed

• Javax to Jakarta, Apache HttpClient v4 to v5, Slf4J v1 to v2 by @runeflobakk in #30

Full Changelog: 2.6...3.0

2.6.1

Internal refactoring to make RevocationChecker more ergonomic for shading.

Move stuff used by RevocationChecker to separate class. This makes RevocationChecker more friendly for shading/copying into other libraries, because we avoid it depending on the entire "user-facing" facade DigipostSecurity, which has more dependencies, checks that BouncyCastle is available in its initializer.

DigipostSecurity is still the public API, but delegates to the internal JavaSecurityUtils for the moved operations (resolving certificate factory, and describing certificates)

Full Changelog: 2.6...2.6.1

2.6

What's Changed

• Log revoked as INFO instead of WARN by @runeflobakk in #29

Full Changelog: 2.5...2.6

Fix for BouncyCastle version >= 1.63

If the library is used with BouncyCastle 1.63 or higher, previous versions of the library will fail resolving the OCSP responder URL from certificates. This is a bugfix release for this.

Issue: #15, pull-request: #16

1.5 - Upgrades dependencies

New

• Upgrades dependencies after security issues of dependencies reported by Github.