`nimbus-jose-jwt` must be updated when `oauth2-oidc-sdk` is updated to ensure consistency

Since the `updateDependencies` plugin [has been removed](https://github.com/spring-projects/spring-security/issues/13966), we do not have a way to make sure that `com.nimbusds:nimbus-jose-jwt` [is aligned with the transitive version that is used by](https://github.com/spring-projects/spring-security/commit/736f1c27cdc1531410904b4dbf6731e507966cb5#diff-49a96e7eea8a94af862798a45174e6ac43eb4f8b4bd40759b5da63ba31ec3ef7L117-L122) `com.nimbusds:oauth2-oidc-sdk`.

It seems that Dependabot does not support such an arrangement. One idea is to consider a custom Gradle task that makes that check for us and does not allow the build to pass if the versions do not match.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

`nimbus-jose-jwt` must be updated when `oauth2-oidc-sdk` is updated to ensure consistency #14047

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

nimbus-jose-jwt must be updated when oauth2-oidc-sdk is updated to ensure consistency #14047

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

`nimbus-jose-jwt` must be updated when `oauth2-oidc-sdk` is updated to ensure consistency #14047