From b7bdcdfa0abeb3e78067b2033160b1cb660ded7e Mon Sep 17 00:00:00 2001 From: Shinsuke Sugaya Date: Sat, 25 Apr 2026 14:55:19 +0900 Subject: [PATCH 1/2] chore(deps): upgrade dependencies and move gpg signing to release profile - Bump xmlsec 4.0.1 -> 4.0.4 - Bump commons-codec 1.16.0 -> 1.22.0 - Bump azure-security-keyvault-keys 4.7.3 -> 4.10.6 - Bump corelib 0.5.5 -> 0.7.1 - Bump commons-text 1.11.0 -> 1.15.0 - Bump mockito-core 5.6.0 -> 5.23.0 - Bump maven-compiler-plugin 3.11.0 -> 3.15.0 - Bump maven-javadoc-plugin 3.6.0 -> 3.12.0 - Bump maven-jar-plugin 3.3.0 -> 3.5.0 - Bump maven-surefire-plugin 2.22.2 -> 3.5.5 - Bump jacoco-maven-plugin 0.8.10 -> 0.8.14 - Bump central-publishing-maven-plugin 0.7.0 -> 0.10.0 - Move maven-gpg-plugin into a 'release' profile and enable bestPractices --- core/pom.xml | 6 +++--- pom.xml | 58 +++++++++++++++++++++++++++++++--------------------- 2 files changed, 38 insertions(+), 26 deletions(-) diff --git a/core/pom.xml b/core/pom.xml index 19ff91c..1f6bebb 100644 --- a/core/pom.xml +++ b/core/pom.xml @@ -54,19 +54,19 @@ org.apache.santuario xmlsec - 4.0.1 + 4.0.4 commons-codec commons-codec - 1.16.0 + 1.22.0 com.azure azure-security-keyvault-keys - 4.7.3 + 4.10.6 true diff --git a/pom.xml b/pom.xml index 4022eae..1c4665d 100644 --- a/pom.xml +++ b/pom.xml @@ -42,8 +42,8 @@ 1.7.36 4.13.2 1.4.14 - 0.5.5 - 1.11.0 + 0.7.1 + 1.15.0 UTF-8 @@ -58,7 +58,7 @@ org.mockito mockito-core - 5.6.0 + 5.23.0 test @@ -92,7 +92,7 @@ maven-compiler-plugin - 3.11.0 + 3.15.0 17 UTF-8 @@ -113,7 +113,7 @@ maven-javadoc-plugin - 3.6.0 + 3.12.0 UTF-8 UTF-8 @@ -124,11 +124,11 @@ maven-jar-plugin - 3.3.0 + 3.5.0 maven-surefire-plugin - 2.22.2 + 3.5.5 false @@ -136,7 +136,7 @@ org.jacoco jacoco-maven-plugin - 0.8.10 + 0.8.14 @@ -155,24 +155,10 @@ - - org.apache.maven.plugins - maven-gpg-plugin - 3.2.7 - - - sign-artifacts - verify - - sign - - - - org.sonatype.central central-publishing-maven-plugin - 0.7.0 + 0.10.0 true central @@ -180,4 +166,30 @@ + + + release + + + + org.apache.maven.plugins + maven-gpg-plugin + 3.2.8 + + + sign-artifacts + verify + + sign + + + true + + + + + + + + From 0c981962b5c6f40a3a6093fc9dcdb1e8467f8252 Mon Sep 17 00:00:00 2001 From: Shinsuke Sugaya Date: Sat, 25 Apr 2026 15:13:07 +0900 Subject: [PATCH 2/2] fix(ci): pin corelib to 0.6.0 for Java 17 and trigger CI on PR only corelib 0.7.0+ is compiled for Java 21 (class file 65), which breaks the Java 17 build (expects 61). 0.6.0 is the latest release still targeting Java 17. Also limit the workflow to pull_request and workflow_dispatch so CI no longer runs twice on push + PR for the same commit. --- .github/workflows/maven.yml | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 3e04d3a..8673b9c 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -3,7 +3,7 @@ name: java-saml CI with Maven -on: [push, pull_request, workflow_dispatch] +on: [pull_request, workflow_dispatch] jobs: test: diff --git a/pom.xml b/pom.xml index 1c4665d..8782a0a 100644 --- a/pom.xml +++ b/pom.xml @@ -42,7 +42,7 @@ 1.7.36 4.13.2 1.4.14 - 0.7.1 + 0.6.0 1.15.0 UTF-8