@dependabot dependabot bot commented on behalf of github Nov 4, 2025

Bumps strimzi-oauth.version from 0.16.1 to 0.17.1.
Updates io.strimzi:kafka-oauth-client from 0.16.1 to 0.17.1

Release notes

Sourced from io.strimzi:kafka-oauth-client's releases.

0.17.1

Main Changes since 0.17.0

Fix for KeycloakAuthorizer incompatibility with Kafka 4.1.0

When deploying KeycloakAuthorizer with Kafka ACL delegation enabled (strimzi.authorization.delegate.to.kafka.acl=true) there was an exception each time the authorization decision was delegated to Kafka's StandardAuthorizer, and the actions were denied.

Kafka 4.1.0 introduced a new metrics pluggability mechanism and updated StandardAuthorizer to implement Monitorable interface and expect a PluginMetrics object to be provided by the instantiating server via Monitorable.withPluginMetrics(PluginMetrics). KeycloakAuthorizer did not provide this part of the expected initialisation to StandardAuthorizer which resulted in NullPointerException at runtime.

This issue should now be fixed.

For more details about the new features see the RELEASE_NOTES.md and the README.md. All changes can be found under the 0.17.1 milestone.

Full Changelog: strimzi/strimzi-kafka-oauth@0.17.0...0.17.1

0.17.1-rc1

Main Changes since 0.17.0

Fix for KeycloakAuthorizer incompatibility with Kafka 4.1.0

When deploying KeycloakAuthorizer with Kafka ACL delegation enabled (strimzi.authorization.delegate.to.kafka.acl=true) there was an exception each time the authorization decision was delegated to Kafka's StandardAuthorizer, and the actions were denied.

Kafka 4.1.0 introduced a new metrics pluggability mechanism and updated StandardAuthorizer to implement Monitorable interface and expect a PluginMetrics object to be provided by the instantiating server via Monitorable.withPluginMetrics(PluginMetrics). KeycloakAuthorizer did not provide this part of the expected initialisation to StandardAuthorizer which resulted in NullPointerException at runtime.

This issue should now be fixed.

For more details about the new features see the RELEASE_NOTES.md and the README.md. All changes can be found under the 0.17.1 milestone.

How to test

Released Maven repository artifacts are available in Maven Central using version 0.17.1-RC1

Example:

<dependency>
    <groupId>io.strimzi</groupId>
    <artifactId>kafka-oauth-client</artifactId>
    <version>0.17.1-RC1</version>
</dependency>

Full Changelog: strimzi/strimzi-kafka-oauth@0.17.0...0.17.1-rc1

0.17.0

Main Changes since 0.16.2

Make client credentials grant type configurable

... (truncated)

Changelog

Sourced from io.strimzi:kafka-oauth-client's changelog.

0.17.1

Fix for KeycloakAuthorizer incompatibility with Kafka 4.1.0

When deploying KeycloakAuthorizer with Kafka ACL delegation enabled (strimzi.authorization.delegate.to.kafka.acl=true) there was an exception each time the authorization decision was delegated to Kafka's StandardAuthorizer, and the actions were denied.

Kafka 4.1.0 introduced a new metrics pluggability mechanism and updated StandardAuthorizer to implement Monitorable interface and expect a PluginMetrics object to be provided by the instantiating server via Monitorable.withPluginMetrics(PluginMetrics). KeycloakAuthorizer did not provide this part of the expected initialisation to StandardAuthorizer which resulted in NullPointerException at runtime.

This issue should now be fixed.

See PR 283

0.17.0

Make client credentials grant type configurable

OAuth clients using client_credentials can now set grant_type to a custom value. Custom authorization servers' OAuth implementations of client_credentials mechanism can now use grant_type as a discriminator.

A new configuration option was introduced: oauth.client.credentials.grant.type.

See PR 279

0.16.2

Properly override json-smart version to 2.5.2 to address CVE-2024-57699 warnings

The version override in 0.16.1 was inadequate. It didn't work for third party components using the OAuth components. They would still transitively bring in net.minidev:json-smart version 2.5.0.

Commits
  • b214e42 Prepare for 0.17.1 release
  • 1436d50 Fix for "this.authorizerMetrics" is null issue in Kafka 4.1.0 (#283)
  • b4c5d53 Use kafka 4.1.0 image in testsuite and minor other fixes (#286)
  • d708cb4 Fix testsuite hydra-test (#284)
  • a098d20 Update RELEASE_NOTES.md (#285)
  • e18a819 Prepare for 0.17.0 release
  • e453b12 Update dependencies - libraries with CVEs, image versions used in examples an...
  • 3fea88d Custom client credentials grant type (#279)
  • 769f95e Change nimbus-jose-jwt to version 10.0.2 to minimise diff from 9.37.3 (#278)
  • 5d5d7ee Bump nimbus-jose-jwt to version 10.3 (#277)
  • Additional commits viewable in compare view

Updates io.strimzi:kafka-oauth-common from 0.16.1 to 0.17.1



Bumps `strimzi-oauth.version` from 0.16.1 to 0.17.1.

Updates `io.strimzi:kafka-oauth-client` from 0.16.1 to 0.17.1
- [Release notes](https://github.com/strimzi/strimzi-kafka-oauth/releases)
- [Changelog](https://github.com/strimzi/strimzi-kafka-oauth/blob/0.17.1/RELEASE_NOTES.md)
- [Commits](strimzi/strimzi-kafka-oauth@0.16.1...0.17.1)

Updates `io.strimzi:kafka-oauth-common` from 0.16.1 to 0.17.1
- [Release notes](https://github.com/strimzi/strimzi-kafka-oauth/releases)
- [Changelog](https://github.com/strimzi/strimzi-kafka-oauth/blob/0.17.1/RELEASE_NOTES.md)
- [Commits](strimzi/strimzi-kafka-oauth@0.16.1...0.17.1)

---
updated-dependencies:
- dependency-name: io.strimzi:kafka-oauth-client
  dependency-version: 0.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: io.strimzi:kafka-oauth-common
  dependency-version: 0.17.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the area/dependencies Pull requests that update a dependency file label Nov 4, 2025

quarkus-bot bot commented Nov 4, 2025

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 93f146d.

Failing Jobs

| Status | Name | Step | Failures | Logs | Raw logs | Build scan |
|---|---|---|---|---|---|---|
| | Initial JDK 17 Build | Build | Failures | Logs | Raw logs | 🔍 |

You can consult the Develocity build scans.

Failures

⚙️ Initial JDK 17 Build

- Failing: integration-tests/kafka-oauth-keycloak 

📦 integration-tests/kafka-oauth-keycloak

Failed to execute goal org.apache.maven.plugins:maven-enforcer-plugin:3.6.2:enforce (enforce) on project quarkus-integration-test-kafka-oauth-keycloak: Rule 0: org.apache.maven.enforcer.rules.dependency.DependencyConvergence failed with message: Failed while enforcing releasability.

Dependency convergence error for net.minidev:json-smart:jar:2.5.0. Paths to dependency are:
