Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated scram to version 2.0 #1532

Merged
merged 1 commit into from Jul 24, 2019

Conversation

@teoincontatto
Copy link
Contributor

commented Jul 24, 2019

Updated scram library version 2.0 with support for Java 7+ and standard SaslPrep implementation.

NOTE: Tests for pgjdbc-jre7 will fail due to missing changes in that repository. This PR requires that PR pgjdbc/pgjdbc-jre7#6 get merged into pgjdbc-jre7.

@AppVeyorBot

This comment has been minimized.

Copy link

commented Jul 24, 2019

@davecramer davecramer merged commit fcbbc3e into pgjdbc:master Jul 24, 2019

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@vlsi

This comment has been minimized.

Copy link
Member

commented Sep 9, 2019

@teoincontatto , can you please clarify if com.ongres.stringprep:codegenerator:jar:1.0:compile is really required? It pulls non-trivial set of dependencies, which was not expected.

$ mvn dependency:tree
[INFO] Scanning for projects...
[INFO]
[INFO] ---------------------< org.postgresql:postgresql >----------------------
[INFO] Building PostgreSQL JDBC Driver - JDBC 4.2 42.2.7
[INFO] -------------------------------[ bundle ]-------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ postgresql ---
[INFO] org.postgresql:postgresql:bundle:42.2.7
[INFO] +- com.ongres.scram:client:jar:2.0:compile
[INFO] |  \- com.ongres.scram:common:jar:2.0:compile
[INFO] |     \- com.ongres.stringprep:saslprep:jar:1.0:compile
[INFO] |        \- com.ongres.stringprep:stringprep:jar:1.0:compile
[INFO] |           \- com.ongres.stringprep:codegenerator:jar:1.0:compile
[INFO] |              +- org.apache.velocity:velocity:jar:1.7:compile
[INFO] |              |  +- commons-collections:commons-collections:jar:3.2.1:compile
[INFO] |              |  \- commons-lang:commons-lang:jar:2.4:compile
[INFO] |              \- org.apache.velocity:velocity-tools:jar:2.0:compile
[INFO] |                 +- commons-beanutils:commons-beanutils:jar:1.7.0:compile
[INFO] |                 +- commons-digester:commons-digester:jar:1.8:compile
[INFO] |                 +- commons-chain:commons-chain:jar:1.1:compile
[INFO] |                 +- commons-logging:commons-logging:jar:1.1:compile
[INFO] |                 |  \- javax.servlet:servlet-api:jar:2.3:compile
[INFO] |                 +- commons-validator:commons-validator:jar:1.3.1:compile
[INFO] |                 +- dom4j:dom4j:jar:1.1:compile
[INFO] |                 +- oro:oro:jar:2.0.8:compile
[INFO] |                 +- sslext:sslext:jar:1.2-0:compile
[INFO] |                 +- org.apache.struts:struts-core:jar:1.3.8:compile
[INFO] |                 |  \- antlr:antlr:jar:2.7.2:compile
[INFO] |                 +- org.apache.struts:struts-taglib:jar:1.3.8:compile
[INFO] |                 \- org.apache.struts:struts-tiles:jar:1.3.8:compile
[INFO] +- junit:junit:jar:4.12:test
[INFO] |  \- org.hamcrest:hamcrest-core:jar:1.3:test
[INFO] +- se.jiderhamn:classloader-leak-test-framework:jar:1.1.1:test
[INFO] |  \- org.apache.bcel:bcel:jar:6.0:test
[INFO] +- com.github.waffle:waffle-jna:jar:1.9.1:compile
[INFO] |  +- net.java.dev.jna:jna:jar:4.5.1:compile
[INFO] |  +- net.java.dev.jna:jna-platform:jar:4.5.1:compile
[INFO] |  +- org.slf4j:jcl-over-slf4j:jar:1.7.25:compile
[INFO] |  \- com.github.ben-manes.caffeine:caffeine:jar:2.6.2:compile
[INFO] +- org.osgi:org.osgi.enterprise:jar:4.2.0:provided
[INFO] \- org.osgi:org.osgi.core:jar:4.3.1:provided
@teoincontatto

This comment has been minimized.

Copy link
Contributor Author

commented Sep 9, 2019

Hmmm, seems like a build dependency was forgot into the runtime dependencies. It is not required at runtime. Can you file a bug so we can handle it at https://gitlab.com/ongresinc/stringprep/issues/new

@vlsi

This comment has been minimized.

Copy link
Member

commented Sep 9, 2019

@teoincontatto

This comment has been minimized.

Copy link
Contributor Author

commented Sep 10, 2019

Thanks, scram 2.1 with saslprep and stringprep 1.1 have been released and fix this dependency issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.