Releases: mwiede/jsch
Releases · mwiede/jsch
jsch-0.2.21
What's Changed
Dependency Updates
- Bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #658
- Bump junixsocket.version from 2.10.0 to 2.10.1 by @dependabot in #659
- Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @dependabot in #660
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.1 to 2.8.2 by @dependabot in #663
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.6 to 3.2.7 by @dependabot in #662
- Bump org.junit.jupiter:junit-jupiter from 5.11.0 to 5.11.1 by @dependabot in #665
- Bump JamesIves/github-pages-deploy-action from 4.6.4 to 4.6.8 by @dependabot in #667
- Bump actions/setup-java from 4.3.0 to 4.4.0 by @dependabot in #668
- Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #666
- Bump log4j.version from 2.23.1 to 2.24.1 by @dependabot in #664
- Bump org.junit.jupiter:junit-jupiter from 5.11.1 to 5.11.2 by @dependabot in #674
- Bump surefire.version from 3.5.0 to 3.5.1 by @dependabot in #671
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.0 to 3.10.1 by @dependabot in #675
- Bump org.testcontainers:junit-jupiter from 1.20.1 to 1.20.2 by @dependabot in #676
- Bump actions/upload-artifact from 4.4.0 to 4.4.1 by @dependabot in #678
- Bump github/codeql-action from 3.26.8 to 3.26.12 by @dependabot in #679
- Bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #683
- Bump actions/upload-artifact from 4.4.1 to 4.4.3 by @dependabot in #682
- Bump org.junit.jupiter:junit-jupiter from 5.11.2 to 5.11.3 by @dependabot in #687
- Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.7.0 to 3.8.0 by @dependabot in #688
- Bump errorprone.version from 2.32.0 to 2.34.0 by @dependabot in #686
- Bump actions/cache from 4.0.2 to 4.1.1 by @dependabot in #684
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.2 to 2.9.0 by @dependabot in #681
- Bump de.thetaphi:forbiddenapis from 3.7 to 3.8 by @dependabot in #672
- Bump actions/checkout from 4.2.0 to 4.2.2 by @dependabot in #689
- Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.0 to 3.8.1 by @dependabot in #695
- Bump org.testcontainers:junit-jupiter from 1.20.2 to 1.20.3 by @dependabot in #697
- Bump actions/cache from 4.1.1 to 4.1.2 by @dependabot in #699
- Bump actions/setup-java from 4.4.0 to 4.5.0 by @dependabot in #700
- Bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in #698
- Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.5.0 to 3.6.0 by @dependabot in #696
- Bump errorprone.version from 2.34.0 to 2.35.1 by @dependabot in #694
- Bump org.apache.maven.plugins:maven-site-plugin from 3.20.0 to 3.21.0 by @dependabot in #693
New Contributors
Full Changelog: jsch-0.2.20...jsch-0.2.21
jsch-0.2.20
What's Changed
- Incorrect Oid for service name in GSSAPI authentication. Fix #648 by @vpinna80 in #649
- Update
Hostkey.getFingerprint()
method to output more moden format first introduced with OpenSSH 6.8. by @norrisjeremy in #638 for #529 - Add stack trace to log message when an exception occurs during authentication. by @norrisjeremy in #638 for #622
Dependency Updates
- Bump actions/upload-artifact from 4.3.4 to 4.3.6 by @dependabot in #616
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 by @dependabot in #619
- Bump org.slf4j:slf4j-api from 2.0.13 to 2.0.16 by @dependabot in #620
- Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.2 to 3.1.3 by @dependabot in #627
- Bump org.apache.maven.plugins:maven-install-plugin from 3.1.2 to 3.1.3 by @dependabot in #628
- Bump com.kohlschutter:compiler-annotations from 1.7.3 to 1.7.4 by @dependabot in #631
- Bump org.apache.maven.plugins:maven-site-plugin from 3.12.1 to 3.20.0 by @dependabot in #632
- Bump surefire.version from 3.3.1 to 3.4.0 by @dependabot in #630
- Bump org.junit.jupiter:junit-jupiter from 5.10.3 to 5.11.0 by @dependabot in #629
- Bump github/codeql-action from 3.25.15 to 3.26.3 by @dependabot in #626
- Bump github/codeql-action from 3.26.3 to 3.26.5 by @dependabot in #636
- Bump JamesIves/github-pages-deploy-action from 4.6.3 to 4.6.4 by @dependabot in #645
- Bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #647
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.6 by @dependabot in #653
- Bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in #656
- Bump errorprone.version from 2.29.2 to 2.32.0 by @dependabot in #655
- Bump jna.version from 5.14.0 to 5.15.0 by @dependabot in #654
- Bump actions/setup-java from 4.2.2 to 4.3.0 by @dependabot in #651
- Bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in #646
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.10.0 by @dependabot in #642
- Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.4.0 to 3.5.0 by @dependabot in #635
- Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.0 by @dependabot in #634
- Bump surefire.version from 3.4.0 to 3.5.0 by @dependabot in #643
New Contributors
Full Changelog: jsch-0.2.19...jsch-0.2.20
jsch-0.2.19
What's Changed
- Enforce DHGEX prime modulus bit length meets configured constraints by @norrisjeremy in #585
- Fix possible rekeying timeouts by @norrisjeremy in #605
Dependency Updates
- Bump net.revelc.code.formatter:formatter-maven-plugin from 2.24.0 to 2.24.1 by @dependabot in #574
- Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.1 to 3.4.0 by @dependabot in #573
- Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.1 to 3.7.0 by @dependabot in #579
- Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.0 by @dependabot in #580
- Bump surefire.version from 3.2.5 to 3.3.0 by @dependabot in #578
- Bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.0 to 3.7.1 by @dependabot in #583
- Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 by @dependabot in #584
- Bump org.junit.jupiter:junit-jupiter from 5.10.2 to 5.10.3 by @dependabot in #587
- Bump com.kohlschutter:compiler-annotations from 1.7.2 to 1.7.3 by @dependabot in #588
- Bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3.4.0 by @dependabot in #582
- Bump surefire.version from 3.3.0 to 3.3.1 by @dependabot in #592
- Bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1 by @dependabot in #594
- Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #595
- Bump junixsocket.version from 2.9.1 to 2.10.0 by @dependabot in #593
- Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #599
- Bump commons-codec:commons-codec from 1.17.0 to 1.17.1 by @dependabot in #602
- Bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in #606
- Bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #611
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.0 to 2.8.1 by @dependabot in #613
- Bump org.testcontainers:junit-jupiter from 1.19.8 to 1.20.1 by @dependabot in #612
- Bump errorprone.version from 2.28.0 to 2.29.2 by @dependabot in #603
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by @dependabot in #600
Full Changelog: jsch-0.2.18...jsch-0.2.19
jsch-0.2.18
What's Changed
- Handle negated patterns according to ssh_config(5) by @bmiddaugh in #565
Dependency Updates
- update maven wrapper by @norrisjeremy in #555
- Bump log4j.version from 2.23.0 to 2.23.1 by @dependabot in #516
- Bump org.testcontainers:junit-jupiter from 1.19.6 to 1.19.7 by @dependabot in #513
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.0 by @dependabot in #515
- Bump org.apache.maven.plugins:maven-assembly-plugin from 3.6.0 to 3.7.0 by @dependabot in #517
- Bump errorprone.version from 2.25.0 to 2.26.0 by @dependabot in #514
- Bump org.apache.maven.plugins:maven-assembly-plugin from 3.7.0 to 3.7.1 by @dependabot in #521
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.0 to 3.2.1 by @dependabot in #520
- Bump errorprone.version from 2.26.0 to 2.26.1 by @dependabot in #519
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.11 to 2.8.0 by @dependabot in #526
- Bump de.thetaphi:forbiddenapis from 3.6 to 3.7 by @dependabot in #525
- Bump dependabot/fetch-metadata from 1 to 2 by @dependabot in #524
- Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0 by @dependabot in #522
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.1 to 3.2.2 by @dependabot in #530
- Bump junixsocket.version from 2.9.0 to 2.9.1 by @dependabot in #534
- Bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.12 by @dependabot in #537
- Bump org.bouncycastle:bcprov-jdk18on from 1.77 to 1.78 by @dependabot in #535
- Bump com.kohlschutter:compiler-annotations from 1.6.7 to 1.7.0 by @dependabot in #531
- Bump commons-io:commons-io from 2.15.1 to 2.16.1 by @dependabot in #536
- Bump org.slf4j:slf4j-api from 2.0.12 to 2.0.13 by @dependabot in #542
- Bump com.kohlschutter:compiler-annotations from 1.7.0 to 1.7.1 by @dependabot in #540
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.2 to 3.2.3 by @dependabot in #539
- Bump org.bouncycastle:bcprov-jdk18on from 1.78 to 1.78.1 by @dependabot in #546
- Bump com.kohlschutter:compiler-annotations from 1.7.1 to 1.7.2 by @dependabot in #547
- Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.3 to 3.2.4 by @dependabot in #544
- Bump org.apache.maven.plugins:maven-install-plugin from 3.1.1 to 3.1.2 by @dependabot in #551
- Bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.1 to 3.1.2 by @dependabot in #550
- Bump org.testcontainers:junit-jupiter from 1.19.7 to 1.19.8 by @dependabot in #558
- Bump errorprone.version from 2.26.1 to 2.27.1 by @dependabot in #556
- Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 by @dependabot in #548
- Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.1 by @dependabot in #545
- Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 by @dependabot in #568
- Bump errorprone.version from 2.27.1 to 2.28.0 by @dependabot in #567
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 by @dependabot in #566
- Bump org.codehaus.mojo:build-helper-maven-plugin from 3.5.0 to 3.6.0 by @dependabot in #562
- Bump net.revelc.code.formatter:formatter-maven-plugin from 2.23.0 to 2.24.0 by @dependabot in #569
New Contributors
- @bmiddaugh made their first contribution in #565
Full Changelog: jsch-0.2.17...jsch-0.2.18
jsch-0.2.17
What's Changed
- 0.2.17 changes by @norrisjeremy in #482
- Organize imports and remove unused imports.
- Remove unneeded implements statements.
- Remove unused local variables.
- Skip flatten-maven-plugin during CI tests.
- Expand wildcard imports in order to better adhere to Google Java Style Guide.
- Add PBKDF2-HMAC-SHA512/256 & PBKDF2-HMAC-SHA512/224, which are both supported as of Java 21.
- Organize imports.
- Always embed NoPadding into Cipher string.
- Import javax.crypto.Cipher instead of com.jcraft.jsch.Cipher.
- Organize module-info.
- More formatting corrections to better adhere to Google Java Style Guide.
- Switch to using java.time classes & make work for dates past 2038.
Dependency Updates
- Bump errorprone.version from 2.24.0 to 2.24.1 by @dependabot in #478
- Bump org.slf4j:slf4j-api from 2.0.10 to 2.0.11 by @dependabot in #476
- Bump com.kohlschutter:compiler-annotations from 1.6.6 to 1.6.7 by @dependabot in #477
- Bump surefire.version from 3.2.3 to 3.2.5 by @dependabot in #480
- Bump org.codehaus.mojo:flatten-maven-plugin from 1.5.0 to 1.6.0 by @dependabot in #481
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.10 to 2.7.11 by @dependabot in #486
- Bump actions/cache from 3 to 4 by @dependabot in #487
- Bump org.testcontainers:junit-jupiter from 1.19.3 to 1.19.4 by @dependabot in #492
- Bump org.junit.jupiter:junit-jupiter from 5.10.1 to 5.10.2 by @dependabot in #497
- Bump commons-codec:commons-codec from 1.16.0 to 1.16.1 by @dependabot in #500
- Bump org.slf4j:slf4j-api from 2.0.11 to 2.0.12 by @dependabot in #502
- Bump org.testcontainers:junit-jupiter from 1.19.4 to 1.19.5 by @dependabot in #501
- Bump errorprone.version from 2.24.1 to 2.25.0 by @dependabot in #505
- Bump junixsocket.version from 2.8.3 to 2.9.0 by @dependabot in #504
- Bump org.testcontainers:junit-jupiter from 1.19.5 to 1.19.6 by @dependabot in #509
- Bump log4j.version from 2.22.1 to 2.23.0 by @dependabot in #510
Full Changelog: jsch-0.2.16...jsch-0.2.17
jsch-0.2.16
What's Changed
- 0.2.16 changes by @norrisjeremy in #464
- Add support for [email protected] KEX algorithm.
- Switch to bnd-maven-plugin in order to support Multi-Release OSGi bundle JAR's via supplemental manifest files.
- Introduce JSchProxyException to replace generic JschException in Proxy implementations by @mvegter in #467
- Do not falsely log support for ext-info if the server did not return 'ext-info-s' by @mvegter in #463
Dependency Updates
- Bump errorprone.version from 2.23.0 to 2.24.0 by @dependabot in #466
- Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1 by @dependabot in #465
- Bump log4j.version from 2.22.0 to 2.22.1 by @dependabot in #469
- Bump org.slf4j:slf4j-api from 2.0.9 to 2.0.10 by @dependabot in #468
Full Changelog: jsch-0.2.15...jsch-0.2.16
jsch-0.2.15
What's Changed
- address CVE-2023-48795 by adding support for new strict key exchange extension. by @norrisjeremy in #461
- Add support for
[email protected]
extension by @norrisjeremy in #461
This release introduces two new config options to control usage of the new strict key exchange extension:
enable_strict_kex
(set to yes by default)require_strict_kex
(set to no by default)
If either option (or both) is enabled, then JSch will attempt to use the new strict key exchange extension.- If the
require_strict_kex
option is enabled and JSch detects the server does not support it, then JSch will terminate the connection and throw an exception. - If the
require_strict_kex
option is not enabled and JSch detects the server does not support it, then JSch will fallback and proceed with the connection without using the new extension.
This gives users the ability to enable a strong security posture if needed and avoid proceeding with connections to potentially insecure servers.
Dependency Updates
- Bump surefire.version from 3.2.2 to 3.2.3 by @dependabot in #458
- Bump actions/upload-artifact from 3 to 4 by @dependabot in #459
- Bump github/codeql-action from 2 to 3 by @dependabot in #460
Full Changelog: jsch-0.2.14...jsch-0.2.15
jsch-0.2.14
What's Changed
- #450 use Socket.connect() with a timeout that has been supported since Java 1.4 instead of using old method of creating a separate thread and joining to that thread with timeout. by @norrisjeremy in #451
Dependency Updates
- Bump org.testcontainers:junit-jupiter from 1.19.1 to 1.19.2 by @dependabot in #439
- Bump org.bouncycastle:bcprov-jdk18on from 1.76 to 1.77 by @dependabot in #440
- Bump log4j.version from 2.21.1 to 2.22.0 by @dependabot in #441
- Bump org.testcontainers:junit-jupiter from 1.19.2 to 1.19.3 by @dependabot in #443
- Bump commons-io:commons-io from 2.15.0 to 2.15.1 by @dependabot in #447
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.2 to 3.6.3 by @dependabot in #448
- Bump com.kohlschutter:compiler-annotations from 1.6.5 to 1.6.6 by @dependabot in #446
- Bump actions/setup-java from 3 to 4 by @dependabot in #449
- Bump jna.version from 5.13.0 to 5.14.0 by @dependabot in #452
- Bump org.codehaus.mojo:build-helper-maven-plugin from 3.4.0 to 3.5.0 by @dependabot in #444
Full Changelog: jsch-0.2.13...jsch-0.2.14
jsch-0.2.13
What's Changed
- #411 Add flush operation from Fix added is/jsch#39, with new config option to allow disabling in case it causes regressions.
- #403 add a warning when Channel.getInputStream() or Channel.getExtInputStream() is called after Channel.connect().
Dependency Updates
- Bump surefire.version from 3.1.2 to 3.2.1 by @dependabot in #419
- Bump org.apache.maven.plugins:maven-dependency-plugin from 3.6.0 to 3.6.1 by @dependabot in #420
- Bump org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.0 to 3.3.1 by @dependabot in #423
- Bump junixsocket.version from 2.8.1 to 2.8.2 by @dependabot in #421
- Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.7.10 by @dependabot in #422
- Bump org.junit.jupiter:junit-jupiter from 5.10.0 to 5.10.1 by @dependabot in #426
- Bump org.apache.maven.plugins:maven-clean-plugin from 3.3.1 to 3.3.2 by @dependabot in #427
- Bump commons-io:commons-io from 2.14.0 to 2.15.0 by @dependabot in #428
- Bump org.codehaus.mojo:templating-maven-plugin from 1.0.0 to 3.0.0 by @dependabot in #429
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.2 by @dependabot in #434
- Bump junixsocket.version from 2.8.2 to 2.8.3 by @dependabot in #432
- Bump surefire.version from 3.2.1 to 3.2.2 by @dependabot in #433
- Bump com.kohlschutter:compiler-annotations from 1.6.4 to 1.6.5 by @dependabot in #435
Full Changelog: jsch-0.2.12...jsch-0.2.13
jsch-0.2.12
What's Changed
- Further refine previous fixes for windows line endings in PEM keys from #371 & #362 by @norrisjeremy in #371
- #392 replace call to BigInteger.intValueExact to remain comptaible wi… by @mwiede in #397
- Introduce JSchSessionDisconnectException to allow the reasonCode to be retrieved without String parsing by @mvegter in #416
- Introduce specific JSchException for HostKey related failures by @mvegter in #410
Dependency Updates
- update dependencies by @norrisjeremy in #375
- Bump errorprone.version from 2.20.0 to 2.21.1 by @dependabot in #373
- Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.3.0 to 3.4.0 by @dependabot in #381
- Bump org.testcontainers:junit-jupiter from 1.18.3 to 1.19.0 by @dependabot in #379
- Bump org.slf4j:slf4j-api from 2.0.7 to 2.0.9 by @dependabot in #384
- Bump actions/checkout from 3 to 4 by @dependabot in #383
- Bump junixsocket.version from 2.7.0 to 2.7.1 by @dependabot in #387
- Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.0 to 3.4.1 by @dependabot in #388
- Bump com.kohlschutter:compiler-annotations from 1.5.6 to 1.5.7 by @dependabot in #389
- Bump junixsocket.version from 2.7.1 to 2.7.2 by @dependabot in #393
- Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 by @dependabot in #394
- Bump errorprone.version from 2.21.1 to 2.22.0 by @dependabot in #395
- Bump com.kohlschutter:compiler-annotations from 1.5.7 to 1.5.8 by @dependabot in #396
- Bump org.testcontainers:junit-jupiter from 1.19.0 to 1.19.1 by @dependabot in #401
- Bump commons-io:commons-io from 2.13.0 to 2.14.0 by @dependabot in #402
- Bump com.kohlschutter:compiler-annotations from 1.5.8 to 1.6.4 by @dependabot in #400
- Bump junixsocket.version from 2.7.2 to 2.8.1 by @dependabot in #399
- Bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 by @dependabot in #406
- Bump errorprone.version from 2.22.0 to 2.23.0 by @dependabot in #414
- Reset the sequence numbers on Session disconnect to support reconnection by @mvegter in #409
- Bump log4j.version from 2.20.0 to 2.21.1 by @dependabot in #415
New Contributors
Full Changelog: jsch-0.2.11...jsch-0.2.12