Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated scram to version 2.0 #1532

Merged
merged 1 commit into from Jul 24, 2019
Merged

Updated scram to version 2.0 #1532

merged 1 commit into from Jul 24, 2019

Conversation

@teoincontatto
Copy link
Contributor

@teoincontatto teoincontatto commented Jul 24, 2019

Updated scram library version 2.0 with support for Java 7+ and standard SaslPrep implementation.

NOTE: Tests for pgjdbc-jre7 will fail due to missing changes in that repository. This PR requires that PR pgjdbc/pgjdbc-jre7#6 get merged into pgjdbc-jre7.

@AppVeyorBot
Copy link

@AppVeyorBot AppVeyorBot commented Jul 24, 2019

Loading

@davecramer davecramer merged commit fcbbc3e into pgjdbc:master Jul 24, 2019
2 checks passed
Loading
@vlsi
Copy link
Member

@vlsi vlsi commented Sep 9, 2019

@teoincontatto , can you please clarify if com.ongres.stringprep:codegenerator:jar:1.0:compile is really required? It pulls non-trivial set of dependencies, which was not expected.

$ mvn dependency:tree
[INFO] Scanning for projects...
[INFO]
[INFO] ---------------------< org.postgresql:postgresql >----------------------
[INFO] Building PostgreSQL JDBC Driver - JDBC 4.2 42.2.7
[INFO] -------------------------------[ bundle ]-------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ postgresql ---
[INFO] org.postgresql:postgresql:bundle:42.2.7
[INFO] +- com.ongres.scram:client:jar:2.0:compile
[INFO] |  \- com.ongres.scram:common:jar:2.0:compile
[INFO] |     \- com.ongres.stringprep:saslprep:jar:1.0:compile
[INFO] |        \- com.ongres.stringprep:stringprep:jar:1.0:compile
[INFO] |           \- com.ongres.stringprep:codegenerator:jar:1.0:compile
[INFO] |              +- org.apache.velocity:velocity:jar:1.7:compile
[INFO] |              |  +- commons-collections:commons-collections:jar:3.2.1:compile
[INFO] |              |  \- commons-lang:commons-lang:jar:2.4:compile
[INFO] |              \- org.apache.velocity:velocity-tools:jar:2.0:compile
[INFO] |                 +- commons-beanutils:commons-beanutils:jar:1.7.0:compile
[INFO] |                 +- commons-digester:commons-digester:jar:1.8:compile
[INFO] |                 +- commons-chain:commons-chain:jar:1.1:compile
[INFO] |                 +- commons-logging:commons-logging:jar:1.1:compile
[INFO] |                 |  \- javax.servlet:servlet-api:jar:2.3:compile
[INFO] |                 +- commons-validator:commons-validator:jar:1.3.1:compile
[INFO] |                 +- dom4j:dom4j:jar:1.1:compile
[INFO] |                 +- oro:oro:jar:2.0.8:compile
[INFO] |                 +- sslext:sslext:jar:1.2-0:compile
[INFO] |                 +- org.apache.struts:struts-core:jar:1.3.8:compile
[INFO] |                 |  \- antlr:antlr:jar:2.7.2:compile
[INFO] |                 +- org.apache.struts:struts-taglib:jar:1.3.8:compile
[INFO] |                 \- org.apache.struts:struts-tiles:jar:1.3.8:compile
[INFO] +- junit:junit:jar:4.12:test
[INFO] |  \- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] +- se.jiderhamn:classloader-leak-test-framework:jar:1.1.1:test
[INFO] |  \- org.apache.bcel:bcel:jar:6.0:test
[INFO] +- com.github.waffle:waffle-jna:jar:1.9.1:compile
[INFO] |  +- net.java.dev.jna:jna:jar:4.5.1:compile
[INFO] |  +- net.java.dev.jna:jna-platform:jar:4.5.1:compile
[INFO] |  +- org.slf4j:jcl-over-slf4j:jar:1.7.25:compile
[INFO] |  \- com.github.ben-manes.caffeine:caffeine:jar:2.6.2:compile
[INFO] +- org.osgi:org.osgi.enterprise:jar:4.2.0:provided
[INFO] \- org.osgi:org.osgi.core:jar:4.3.1:provided

Loading

@teoincontatto
Copy link
Contributor Author

@teoincontatto teoincontatto commented Sep 9, 2019

Hmmm, seems like a build dependency was forgot into the runtime dependencies. It is not required at runtime. Can you file a bug so we can handle it at https://gitlab.com/ongresinc/stringprep/issues/new

Loading

@vlsi
Copy link
Member

@vlsi vlsi commented Sep 9, 2019

Loading

@teoincontatto
Copy link
Contributor Author

@teoincontatto teoincontatto commented Sep 10, 2019

Thanks, scram 2.1 with saslprep and stringprep 1.1 have been released and fix this dependency issue.

Loading

davecramer added a commit to davecramer/pgjdbc that referenced this issue Jul 5, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants