Skip to content

fix(deps): update dependency com.google.crypto.tink:tink to v1.10.0 #8436

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 17, 2023
Merged

fix(deps): update dependency com.google.crypto.tink:tink to v1.10.0 #8436

merged 1 commit into from
Jul 17, 2023

Conversation

renovate-bot
Copy link
Contributor

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.google.crypto.tink:tink 1.9.0 -> 1.10.0 age adoption passing confidence

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

Release Notes

tink-crypto/tink-java (com.google.crypto.tink:tink)

v1.10.0: Tink Java 1.10.0

Tink is a multi-language, cross-platform library that provides simple and misuse-proof APIs for common cryptographic tasks.

This is Tink Java 1.10.0

What is new?

The complete list of changes since 1.9.0 can be found here.

New Features:

  • Added Key Derivation
  • KeysetHandle#equalsKeyset can now be used to compare keysets
  • Added Key classes: JwtEcdsaPrivateKey, JwtEcdsaPublicKey, RsaSsaPssPrivateKey, RsaSsaPssPublicKey.
  • Added RawJwt.getJsonPayload.
  • Restrict KMS Envelope AEAD DEK key type to only Tink AEAD key types.
  • Use Conscrypt as source of randomness if possible.

Potentially breaking changes:

While we aim to be backwards compatible in minor releases, we removed some APIs that were not meant to be public and/or that we are confident are not widely used. If you are impacted by any of these, please file an issue.

  • Removed PrivilegedRegistry.parseKeyData -- this was never meant to be in the public API.

Future work

To see what we're working towards, check our project roadmap.

Getting started

To get started using Tink, see the setup guide.

Maven:

<dependency>
    <groupId>com.google.crypto.tink</groupId>
    <artifactId>tink</artifactId>
    <version>1.10.0</version>
</dependency>

Gradle:

dependencies {
  implementation 'com.google.crypto.tink:tink-android:1.10.0'
}
Bazel:
load("@&#8203;bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")

RULES_JVM_EXTERNAL_TAG = "4.5"
RULES_JVM_EXTERNAL_SHA ="b17d7388feb9bfa7f2fa09031b32707df529f26c91ab9e5d909eb1676badd9a6"

http_archive(
    name = "rules_jvm_external",
    strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
    sha256 = RULES_JVM_EXTERNAL_SHA,
    url = "https://github.com/bazelbuild/rules_jvm_external/archive/refs/tags/%s.zip" % RULES_JVM_EXTERNAL_TAG,
)

load("@&#8203;rules_jvm_external//:repositories.bzl", "rules_jvm_external_deps")

rules_jvm_external_deps()

load("@&#8203;rules_jvm_external//:setup.bzl", "rules_jvm_external_setup")

rules_jvm_external_setup()

load("@&#8203;rules_jvm_external//:defs.bzl", "maven_install")

maven_install(
    artifacts = [
        "com.google.crypto.tink:tink:1.10.0",

### ... other dependencies ...
    ],
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

Alternatively, one can build Tink from source, and include it with http_archive:

http_archive(
    name = "com_github_tink_crypto_tink_java",
    urls = ["https://github.com/tink-crypto/tink-java/archive/refs/tags/v1.10.0.zip"],
    strip_prefix = "tink-java-1.10.0",
    sha256 = ...
)

load("@&#8203;tink_java//:tink_java_deps.bzl", "TINK_MAVEN_ARTIFACTS", "tink_java_deps")

tink_java_deps()

load("@&#8203;tink_java//:tink_java_deps_init.bzl", "tink_java_deps_init")

tink_java_deps_init()

### ...

maven_install(
    artifacts = TINK_MAVEN_ARTIFACTS + # ... other dependencies ...
    repositories = [
        "https://repo1.maven.org/maven2",
    ],
)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate-bot renovate-bot requested review from a team and yoshi-approver as code owners July 17, 2023 16:55
@renovate-bot renovate-bot requested a review from a team July 17, 2023 16:55
@renovate-bot renovate-bot requested a review from a team as a code owner July 17, 2023 16:55
@forking-renovate forking-renovate bot added the automerge Merge the pull request once unit tests and other checks pass. label Jul 17, 2023
@yoshi-approver yoshi-approver added the automerge: exact Summon MOG for automerging, but approvals need to be against the latest commit label Jul 17, 2023
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2023
@product-auto-label product-auto-label bot added samples Issues that are directly related to samples. api: cloudsql Issues related to the Cloud SQL for MySQL API. labels Jul 17, 2023
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jul 17, 2023
@gcf-merge-on-green gcf-merge-on-green bot merged commit ef6d07b into GoogleCloudPlatform:main Jul 17, 2023
@gcf-merge-on-green gcf-merge-on-green bot removed the automerge Merge the pull request once unit tests and other checks pass. label Jul 17, 2023
@renovate-bot renovate-bot deleted the renovate/com.google.crypto.tink-tink-1.x branch July 17, 2023 17:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yoshi-approver yoshi-approver yoshi-approver approved these changes

Assignees

@annafang-google annafang-google

Labels
api: cloudsql Issues related to the Cloud SQL for MySQL API. automerge: exact Summon MOG for automerging, but approvals need to be against the latest commit samples Issues that are directly related to samples.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@renovate-bot @yoshi-approver @kokoro-team @annafang-google