Versions Compared

Old Version 6

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 7

changes.mady.by.user Rod Widdowson

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Java 18 now RC1.

  • Spring Framework 5.3.16 addresses SpEL issue (

    Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyIDP-1901
    ).

John

Marvin

Phil

Rod

  • Supply chain defence:

    • All nightly builds now check all downloaded code jars against our keyrings

    • All distributions check the shipped jars against our keyrings

    • I believe that mvn versions:set is clean,

    • mvn site:site opens a whole new jar of worms

      Jira Legacy
      serverSystem JIRA
      columnskey,summary,type,created,updated,due,assignee,reporter,priority,status,resolution
      serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
      keyGEN-310

    • Are there other commands we need to worry about.

    • “Are we there yet?”

Scott

  • Jira Legacy
    serverSystem JIRA
    serverIdf52c7d31-6eab-3f0e-93c3-231b5754d506
    keyJOIDC-11

    • I think functionally complete at this point, including encryption

    • Cleaned up some bad design choices, think this will extend naturally to the code grant

    • Settled on client as requester, token audience as proxied requester for consistency with OIDC

  • Added support for authenticated, unverified use of introspection/revocation

  • Long term think we should continue pushing toward authenticated, unverified clients for OIDC as well

...