This is an automated email from the ASF dual-hosted git repository.
roryqi pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/gravitino.git
The following commit(s) were added to refs/heads/main by this push:
new ccc603fc4f chore: Upgrade nimbus-jose-jwt from 9.37.3 to 10.9 (#10773)
ccc603fc4f is described below
commit ccc603fc4f54a3a3ade28ae116dfd14d65e5e0d3
Author: Akshay Thorat <[email protected]>
AuthorDate: Mon Apr 13 23:16:52 2026 -0700
chore: Upgrade nimbus-jose-jwt from 9.37.3 to 10.9 (#10773)
### What changes were proposed in this pull request?
Upgrade the `nimbus-jose-jwt` dependency from 9.37.3 to 10.9.
### Why are the changes needed?
nimbus-jose-jwt 10.x introduces
`com.nimbusds.jwt.proc.ExpiredJWTException` (a subclass of
`BadJWTException`), which allows catching expired JWT tokens directly
instead of relying on message string parsing. This unblocks PR #10673 to
use the proper exception class as requested in the [review
comment](https://github.com/apache/gravitino/pull/10673#discussion_r3070696702)
by @roryqi.
### Does this PR introduce any user-facing change?
No.
### How was this patch tested?
- `server-common` compiles successfully with the upgraded dependency.
- All existing `server-common` unit tests pass (including token
validator tests).
---
gradle/libs.versions.toml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index a02f7d0d76..5fa2a69779 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -74,7 +74,7 @@ scala-java-compat = "1.0.2"
sqlite-jdbc = "3.42.0.0"
testcontainers = "1.21.4"
jwt = "0.11.1"
-nimbus-jose-jwt = "9.37.3"
+nimbus-jose-jwt = "10.9"
jline = "3.21.0"
okhttp3 = "4.11.0"
opencsv = "2.3"
